SMBSR - Lookup For Interesting Stuff In SMB Shares

SMBSR – Lookup For Interesting Stuff In SMB Shares

Well, SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files and … secret files. In order to scan the targets for SMB ports open the masscan module is used. SMBSR consides someting interesting basing on its:

  • Content
  • Exstension
  • Name

The interesting keywords the tool should look for are defined via the command line as well as:

  • File extension blacklist
  • Folder blacklist (Watch out, also subfolders are gone)
  • Number of Threads
  • Should i masscan or not?
  • Interesting file extensions (I guess something like ppk, kdbx, …)
  • Maximum file size (Bytes) allowed to be checked (Believe me, too big might take some time)
  • Should i export the results in two nice CSV files?
  • How deep should i look into subfolders?
  • Other common ones and required

Of course everything is saved locally in a SQlite Database. The database containes one table for the “hopefully it’s a DA password” match, called smbsr containing the following columns:

  • file
  • share
  • ip
  • position
  • matchedWith
  • Creation Date
  • Last Modified Date
  • Last Accessed Date
  • Count (If more then one match on the same file, this one is incremented)

And also another table for the interesting file list containing the following columns:

  • file
  • share
  • ip
  • Creation Date
  • Last Modified Date
  • Last Accessed Date

Requirements

pip3 install -r requirements.txt

Usage

For instance, from the project folder:

./smbsr.py -IP 127.0.0.1 -word-list-path tomatch.txt -multithread -max-size 1000 -T 2 -username OB -password '****' -domain OB -file-extensions dll,exe,bin

Coming Soon(?)

  • LDAP Integration in order to retrieve the list of computer objects

Credits

  • Everyone who is going to help out finding issues and improving
  • Retrospected: For helping out every Friday with debugging the code and brainstorming on new features

Leave a Reply

Your email address will not be published.

Special Offer for Hackers!Sign up to get your $5 Coupon code, weekly deals and latest hacking tools straight to your inbox!
X