Skip to content

waldo-irc/SMBScan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

84 Commits

README.md

README.md

 
 

wsmb

wsmb

 
 

Repository files navigation

SMBScan - Current Version 3.0.3

 __      __        .__       .___         _________   _____ __________ 
/  \    /  \_____  |  |    __| _/____    /   _____/  /     \\______   \
\   \/\/   /\__  \ |  |   / __ |/  _ \   \_____  \  /  \ /  \|    |  _/
 \        /  / __ \|  |__/ /_/ (  <_> )  /        \/    Y    \    |   \
  \__/\  /  (____  /____/\____ |\____/  /_______  /\____|__  /______  /
       \/        \/           \/                \/         \/       \/

Scans SMB for Vulnerabilities Assessment

Work in progress, looking to implement several things still. Uses nmap but packages all the NSE scans in one script for quick assessment as well as enumerating shares/smb servers and banner grabbing. Also does Enum4linux with -e flag and nbtscan with -n flag.

Please use responsibly and with permission only. I do not condone unauthorized uses and will not be responsible for anything unethical commited with these.

Uses Nmap, Enum4linux, NBTSCAN, etc. in order to scan smb for vulnerabilities and enumerating shares and samba servers. The script will check if you have these dependencies installed and offer to install them if you don't.

It can scan a subrange since it just uses nmap for the heavy lifting.

Usage: wsmb [options]
options:
-h, --help Show Brief Help
-l List SMB NSE Scripts
-n Include NBTScan
-e Include Enum4Linux Scan
-map Enumerate with smbmap
-sh or -sh='Share' List and login to an SMB Share
-s Run a full subnet SMB Scan without Banner Grabbing
-qs Run a quick SMB Scan
-sb Run a full subnet SMB Scan with Banner Grabbing (slow scan)
-c Run scan and empty directory
-cx Empty dir without scan
-brute Brute force SMB
-i Do a full intensive scan of SMB on the machine
-v Verbose output
--update Updates WSMB
--version Displays current installed version and checkes for updates

Usage Examples



It has the ability to check for ports 139,445 SMB. You can search for all servers with these ports open by running:

EX: wsmb 192.168.1.* -qs

This does a quick scan in order to get an idea of every machine with ports 139,445 open on your subnet. -s defaults to a full scan with hostname enumeration and -sb includes nmap banner grabbing as well.

Once you've decided on a target, you can run every smb nse script available on your system against the target with:

EX: wsmb 192.168.1.1

And if you'd like you can include enum4linux with -e and an NBTScan with -n. An intensive scan can be run with -i, doing enum4linux, nbtscan, banner grabbing, and enumerating all samba shares (by checking if anon login is allowed) as well as running all NSE scripts against target.

EX: wsmb 192.168.1.1 -e -n (Runs NSE Scripts, enum4linux, and nbtscan)

EX: wsmb 192.168.1.1 -i (Does a full run SMB enumeration)

Everything you scan will be saved in a corresponding file with the scan name in a folder named (last 2 digits of IP)/hostname-SMBScan on your Desktop.

Several more features to come so a --update feature was added to automatically update your script from the github version. Checks your current version against github version and if current version doesnt match, updates your file.

#Changelog *3.0.3

  • Verbosity addition -vv

*3.0.2

  • Cleaned up dependency checks

*3.0.1

  • Folder naming fixes

*3.0

  • Added new intensive scan option (-i)
  • Added dependency checks, for best experience allows you to install all dependencies quickly
  • Removed constant Version check against the git, --update or --version must now be ran to check for and run updates.
  • When updating with --update you are now prompted before accepting the update
  • Minor Fixes

*2.0.2-2.0.3

  • Fixed help Menu
  • Minor Fixes

*2.0.1

  • Enhanced SMB Share login to accept a Share as an argument for an expedited login. EX: wsmb 192.168.1.1 -sh="Admin"

*2.0.0

  • Complete restructure with functions to handle bulkwork. Further optimization planned to come.
  • Verbosity now works more effictively and as planned. Continued plans to improve.
  • Minor bug fixes including SMB Brute force fix

*1.0.62

  • New ASCII intro.

*1.0.61

  • Minor fixes.

*1.0.6

  • Added a verbosity level for more detailed output. Plans to update the output significantly for detailed info.

*1.0.51

  • Minor Bug Fixes

*1.0.5

  • SMB Brute Forcing Capabilities have been added using Kali built in acccheck

*1.0.4

  • Added Automatic Version checking (updates are done manually in case you'd like to wait for whatever reason)
  • Fixed folder naming system for certain hosts
  • Now set to properly update Locate DB

About

Scans SMB for Vuln Assessment

Resources

Readme
Activity

Stars

16 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages