SMBMap: SMB enumeration tool
SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is intended to simplify searching for potentially sensitive data across large networks.
Some of the features have not been thoroughly tested, so changes will be forth coming as bugs are found. I only really find and fix the bugs while I’m on engagements, so progress is a bit slow. Any feedback or bug reports would be appreciated. It’s definitely rough around the edges, but I’m just trying to pack in features at the moment. Version 2.0 should clean up the code a lot….whenever that actually happens ;). Thanks for checking it out!!
There’s a known oddity in the SMBServer component used for the file content search feature. For some reason it throws an exception in the threading library. It still works, but the error is annoying none the less.
- Pass-the-Hash Support
- File upload/download/delete
- Permission enumeration (writable share, meet Metasploit)
- Remote Command Execution
- Distrubted file content searching (beta!)
- File name matching (with an auto downoad capability)
git clone https://github.com/ShawnDEvans/smbmap.git
python3 -m pip install -r requirements.txt
Non-recursive path listing (ls):
File Content Searching:
Attackers Netcat Listener:
Copyright (C) 2015 ShawnDEvans