RedTeam
2.Scanning-and-Enumeration
3.Ports
Ports-Links
139-and-445-SMB
Crackmapexec

Commands

Command (Connection)

crackmapexec smb IP -u '' -p ''
  • -u ---> Username
  • -p ---> Passowrd

Trying NULL and guest username to login are a good thing to test when trying to connect to a target via SMB

Command (Brute Force)

crackmapexec smb IP -u USERNAMES.txt -p PASSWORD.txt --continue-on-success
  • -u ---> Usernames
  • -p ---> Passowrds
  • --continue-on-success ---> Continue enumaration after finding one valid user

Domain admin will be flag with the keyword (Pwn3d!)

Command (Shares Enumeration)

# Take note you need a valid account to perform the following
crackmapexec smb IP -u '' -p '' --shares
  • -u ---> Username
  • -p ---> Passowrd
  • --shares ---> Enumerate shares access (Show folders & permissions)

More Information

More information ---> [Crackmapexec]([[Red Team/6 - Machine/3 - Active Directory/General/Tools/TOP/1 - Crackmapexec]])

MsrpcSamba