PitchHut logo
Log in / Sign up
smb_discovery
by onurcangnc
Automate SMB discovery and enumeration with ease.
Preview url
Visit project
Pitch

This project provides a collection of Bash scripts designed to streamline SMB enumeration and authentication testing. By utilizing tools like enum4linux-ng, netexec, and crackmapexec, users can efficiently gather essential information about SMB shares and user access. Perfect for security researchers, the scripts ensure compliance with legal standards in penetration testing.

Description

This repository provides a suite of robust Bash scripts for automating SMB (Server Message Block) discovery and enumeration tasks, specifically tailored for penetration testing and security research. The project focuses on simplifying the process of SMB enumeration and authentication testing using several powerful tools including enum4linux-ng, netexec, smbmap, and crackmapexec.

Features of the Scripts

1. enum4linux_smb.sh

Leverage the capabilities of enum4linux-ng to efficiently enumerate SMB shares and user details across a range of IP addresses or CIDR notations.

Usage:

./enum4linux_smb.sh <input_file.txt>
  • Input file should list IPs or CIDRs, with one entry per line.
  • Automatically expands CIDR ranges into individual IPs and skips blank lines or comments.

2. netexec+smbmap.sh

A combination of netexec and smbmap that allows for both anonymous and authenticated SMB share enumeration.

Features:

  • Attempts to log in anonymously to assess accessibility on SMB shares.
  • Utilizes smbmap for checking share permissions of discovered shares.
  • Attempts authenticated access using default administrator credentials.

Usage:

chmod +x netexec+smbmap.sh
./netexec+smbmap.sh
  • Prompts for an input file containing IP addresses.

3. crackmap_automation.sh

An automation tool for executing SMB authentication tests through crackmapexec.

Features:

  • Reads a specified list of IPs from a text file.
  • Tests authentication against SMB shares using provided credentials.
  • Operates with timeouts to avoid indefinite hangs.

Usage:

chmod +x crackmap_automation.sh
./crackmap_automation.sh
  • Prompts for an input file containing the IP list.

Prerequisites

To efficiently run these scripts, ensure that the following tools are correctly installed:

  • enum4linux-ng
  • netexec
  • smbmap
  • crackmapexec

Important Notes

  • It’s essential to configure the USERNAME and PASSWORD variables appropriately in the netexec+smbmap.sh and crackmap_automation.sh scripts before execution.
  • Ensure the appropriate execution permissions are set with:
chmod +x *.sh

Disclaimer

These scripts are crafted solely for legal penetration testing and security research. Unauthorized use of this software is strictly prohibited.

0 comments

No comments yet.

Sign in to be the first to comment.