smbaudit: perform various SMB-related attacks
SMBAudit allows users to perform various SMB-related attacks across multiple Active Directory (AD) domains or hosts. SMBAudit is fully written in bash (require bash version 4.0+) for increased compatibility with different UNIX distributions and only relies on the following dependencies (packages):
There are already multiple tools which offer similar features than SMBAudit available, for example:
So why the need for another tool to attack the so-famous SMB protocol?
When performing the test from a Unix box with no access to the Internet, it can be a very tedious and time-consuming task to properly install different packages/tools along with their dependencies and most of the tools available do not even implement features that I judge essential for my engagements. For instance:
- CrackMapExec: Requires Python to be installed on the host system. The documentation even recommends to run it in a Python virtual environment to not ‘mess-up’ with the host system. Furthermore, CrackMapExec relies on numerous third-party dependencies such as Impacket. Without Internet access and the help of the pip utility, the installation process of CrackMapExec is not very straight-forward (according to my own personal experience).
git clone https://github.com/AresS31/smbaudit.git
Copyright (C) 2018 Alexandre Teyar