SMBSR - what is that?
Well, SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files and ... secret files. In order to scan the targets for SMB ports openthe masscan module is used. The interesting keywords the tool should look for are defined via the command line as well as:
- File extension blacklist
- Folder blacklist (Watch out, also subfolders are gone)
- Number of Threads
- Should i masscan or not?
- Interesting file extensions (I guess something like ppk, kdbx, ...)
- Maximum file size allowed to be checked (Believe me, too big might take some time)
- Other common ones and required
Of course everything is saved locally in a SQlite Database. The database containes one table for the "hopefully it's a DA password" match, called smbsr containing the following columns:
- file
- share
- ip
- position
- matchedWith
And also another table for the interesting file list containing the following columns:
- file
- share
- ip
Requirements
pip3 install -r requirements.txt
Usage
For instance, from the project folder:
./smbsr.py -IP 127.0.0.1 -word-list-path tomatch.txt -multithread -max-size 1000 -T 2 -username OB -password '****' -domain OB -file-extensions dll,exe,bin
Credits
- Everyone who is going to help out finding issues and improving
- Retrospected: For helping out every Friday with debugging the code and brainstorming on new features