[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pen-test
Subject:    Re: Samba hacking ?
From:       David Cravshaw <david.cravshaw () gmail ! com>
Date:       2005-04-06 4:41:06
Message-ID: 32c5e51a05040521412a887487 () mail ! gmail ! com
[Download RAW message or body]

Note that to do an "anonymous" enumeration of shares, you will have to
specify an information level of 1, i.e.

rpcclient -c "netshareenum 1" -U % <ip_or_hostname>

By default, rpcclient attempts to enumerate shares at a higher privilege level.

This was on debian with smbclient 3.0.10-1

On Apr 4, 2005 10:10 AM, Jon Hart <warchild@spoofed.org> wrote:
> On Fri, Apr 01, 2005 at 01:12:10PM +0200, Frederic Charpentier wrote:
> > Hi Bones,
> > Concerning samba enumeration, you can use samba-tng to get more than
> > share names.
> >
> > (with $rpc = samba-tng's smbclient, maybe it works with normal samba now)
> 
> rpcclient (at least as provided with Debian's smbclient package) is
> quite useful.
> 
> `rpcclient -c help -N $ip` will give you a list of all the commands.
> Definitely check out the commands listed under the SRVSVC and SAMR
> sections.
> 
> -jon
>
[prev in list] [next in list] [prev in thread] [next in thread]