Enumerating SAMBA for shares
Samba is the standard Windows interoperability suite of programs for Linux and Unix. It allows end users to access and use files, printers and other commonly shared resources on a company's intranet or the internet. It is often referred to as a network file system.
Samba is based on the common client/server protocol of Server Message Block (SMB). SMB was developed only for Windows; without Samba, other computer platforms would be isolated from Windows machines, even if they were part of the same network.
Using nmap we can enumerate a machine for SMB shares.
Nmap can run scripts to automate a wide variety of networking tasks. There is a script to enumerate shares!
nmap -p 445 --script=smb-enum-shares.nse,smb-enum-users.nse TARGET
SMB has two ports, 445 and 139.
smbclient //<ip>/anonymous
smbget -R smb://<ip>/anonymous
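The same exposure can be checked from the server side. The following Python audit is an added example, not part of the original page: it lists the shares in an smb.conf that permit guest access, as the anonymous share above does. The sample configuration and its share names are constructed, and backslash line continuations are not handled.

```python
# Added example: list Samba shares that allow guest (anonymous) access.
SAMPLE_SMB_CONF = """
[anonymous]
   guest ok = yes
   read only = no
[docs]
   public = yes
[finance]
   valid users = @finance
   writable = yes
"""  # constructed sample; share names and values are assumptions

TRUE = {"yes", "true", "on", "1"}                # Samba spellings of boolean true
INVERTED = {"writable", "writeable", "writeok"}  # inverted synonyms of "read only"

def is_true(value):
    return value.strip().lower() in TRUE

def parse_smb_conf(text):
    """Return {section: {param: value}}; names are lowercased, spaces removed."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            key, value = "".join(key.split()).lower(), value.strip()
            if key == "public":                  # synonym of "guest ok"
                key = "guestok"
            elif key in INVERTED:                # store as "read only", flipped
                key, value = "readonly", "no" if is_true(value) else "yes"
            current[key] = value                 # last assignment wins
    return sections

def guest_shares(text):
    """Return [(share, access)] for every share a guest can open."""
    conf = parse_smb_conf(text)
    defaults = conf.pop("global", {})            # [global] sets per-share defaults
    findings = []
    for name, params in conf.items():
        merged = {**defaults, **params}
        if is_true(merged.get("guestok", "no")):
            read_only = is_true(merged.get("readonly", "yes"))
            findings.append((name, "READ" if read_only else "READ/WRITE"))
    return findings
```

Pass the contents of the server's own smb.conf to guest_shares() to audit a real host; any share reported as READ/WRITE deserves review first.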
nmap -p 111 --script=nfs-ls,nfs-statfs,nfs-showmount 10.10.92.61
The netcat command is a networking command-line tool in Linux. It works like a port scanning tool or a network monitoring tool.
The netcat command is used for:
Port scanning
Copying files over a server
Creating a command-line chat server
Port forwarding
Creating Backdoors
Fingerprinting
Use SearchSploit to Find Exploits Offline
SearchSploit is a command-line search tool for Exploit-DB.
To install SearchSploit:
sudo apt update && sudo apt -y install exploitdb
Updating SearchSploit: run the following command to update SearchSploit:
searchsploit -u
Usage
searchsploit ProFTPd 1.3.5
searchsploit IIS 6.0
Exploit