Metasploitable3: Brute Force SMB Share and get shell
Introduce
SMB: Short for Server Message Block, SMB is a common network communications method used on Microsoft operating systems allowing those computers to communicate with other SMB computers. Linux and Unix computers can find other computers that respond to SMB requests using the findsmb command.
Penetration Testing SMB service
- Port scanning using nmap
- use auxiliary/scanner/smb/smb_login module in metasploit
- After having exist credential, use exploit/windows/smb/psexec module for getting shell
Demo
https://www.youtube.com/watch?v=xlkrr4VOsGo