Wiki
  • Init
  • NOTES
    • Windows Tricks
    • Enumeration Tricks
  • WRITEUPS
    • HackTheBox
      • Linux
        • Lame
        • Bashed
        • Shocker
        • Nibbles
        • Beep
        • Sense
        • Valentine
        • Blocky
        • Mirai
        • Popcorn
        • October
        • Bank
      • Windows
        • Devel
        • Blue
        • Jerry
        • Legacy
        • Optimum
        • Arctic
        • Bounty
        • Grandpa
        • Granny
        • Bastard
        • Silo
        • Jeeves
        • Access
        • Active
        • Querier
        • SecNotes
        • Chatterbox
    • Pwnable.kr
      • collision
      • fd
      • bof
      • flag
    • Exploit Education
      • Protostar
    • Rop Emporium
      • ret2win
      • split
      • callme
      • write4
      • badchars
      • fluff
      • pivot
  • Exploitation Practice
    • SLMail 5.5
    • FreeFloat FTP Server 1.0
  • Study Notes
    • Practical Binary Analysis
Powered by GitBook
On this page
  • SMB
  • ShellShock

Was this helpful?

  1. NOTES

Enumeration Tricks

PreviousWindows TricksNextHackTheBox

Last updated 5 years ago

Was this helpful?

SMB

Connect to a share and display all files recursively

smbclient \\\\$IP_ADDRESS\\$SHARE_NAME -c 'recurse;ls' "" > Output-File

Connect to a samba share and see what all permissions do you have as a guest user

> smbmap -H $IP_ADDRESS -u ""

Connect to a samba share for easy enumeration. This will get you a command line in SMB

smbclient \\\\$IP_ADDRESS\\$SHARE_NAME ""

ShellShock

To test shellshock on a bash script running on a server use the following module to automate the process of figuring out the exploitable parameters.

GitHub - nccgroup/shocker: A tool to find and exploit servers vulnerable to ShellshockGitHub
Logo