Enumeration Tricks


Connect to a share and display all files recursively

smbclient \\\\$IP_ADDRESS\\$SHARE_NAME -c 'recurse;ls' "" > Output-File

Connect to a samba share and see what all permissions do you have as a guest user

> smbmap -H $IP_ADDRESS -u ""

Connect to a samba share for easy enumeration. This will get you a command line in SMB

smbclient \\\\$IP_ADDRESS\\$SHARE_NAME ""


To test shellshock on a bash script running on a server use the following module to automate the process of figuring out the exploitable parameters.