smbaudit: perform various SMB-related attacks

SMBAudit allows users to perform various SMB-related attacks across multiple Active Directory (AD) domains or hosts.  SMBAudit is fully written in bash (require bash version 4.0+) for increased compatibility with different UNIX distributions and only relies on the following dependencies (packages):

• coreutils
• smbclient

There are already multiple tools which offer similar features than SMBAudit available, for example:

• CrackMapExec
• SMBMap

So why the need for another tool to attack the so-famous SMB protocol?

When performing the test from a Unix box with no access to the Internet, it can be a very tedious and time-consuming task to properly install different packages/tools along with their dependencies and most of the tools available do not even implement features that I judge essential for my engagements. For instance:

• CrackMapExec: Requires Python to be installed on the host system. The documentation even recommends to run it in a Python virtual environment to not ‘mess-up’ with the host system. Furthermore, CrackMapExec relies on numerous third-party dependencies such as Impacket. Without Internet access and the help of the pip utility, the installation process of CrackMapExec is not very straight-forward (according to my own personal experience).

Download

git clone https://github.com/AresS31/smbaudit.git

Use

./smbaudit.sh --help

Copyright (C) 2018 Alexandre Teyar

Source: https://github.com/AresS31/