SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind and is intended to simplify searching for potentially sensitive data across large networks.
Some of the features have not been thoroughly tested, so changes will be forthcoming as bugs are found. I only really find and fix the bugs while I’m on engagements, so progress is a bit slow. Any feedback or bug reports would be appreciated. It’s definitely rough around the edges, but I’m just trying to pack in features at the moment. Version 2.0 should clean up the code a lot….whenever that actually happens ;). Thanks for checking it out!! Planned features include simple remote shell (instead of the god-awful powershell script in the examples), actual logging, shadow copying ntds.dit automation (Win7 and up only..for now), threading, other things….
You’ll need Impacket to use this tool:
Apparently, the latest Impacket requires PyASN.1:
- Pass-the-Hash Support
- File upload/download/delete
- Permission enumeration (writable share, meet Metasploit)
- Remote Command Execution
- Distributed file content searching (new!)
- Filename matching (with an auto download capability)
git clone https://github.com/ShawnDEvans/smbmap.git
Non-recursive path listing (ls):
File Content Searching:
Attackers Netcat Listener:
Copyright (C) 2015 ShawnDEvans