SMB
ℹ️ Informations¶
- 🌐 Website: HackTheBox
- 📚 Module: Footprinting
- 🔗 Link: SMB
❓Question¶
What version of the SMB server is running on the target system? Submit the entire banner as the answer.
📋 Walkthrough¶
We can use nmap to grab the banner
nmap -sVC 10.129.202.5 -p139,138,445
PORT STATE SERVICE VERSION
138/tcp closed netbios-dgm
139/tcp open netbios-ssn Samba **** *.*.*
445/tcp open netbios-ssn Samba **** *.*.*
Answer
Samba **** *.*.*
❓Question¶
What is the name of the accessible share on the target?
📋 Walkthrough¶
Let's list shares using smbclient
smbclient -L /10.129.202.5
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
samb****** Disk In******* *** v*.*
IPC$ IPC IPC Service (InlaneFreight SMB server (Samba, Ubuntu))
Answer
samb******
❓Question¶
Connect to the discovered share and find the flag.txt file. Submit the contents as the answer.
📋 Walkthrough¶
Let's connect to the share using smbclient
contents folder. Answer
HTB{*********************************}
❓Question¶
Find out which domain the server belongs to.
📋 Walkthrough¶
We can use enum4linux to see the domain
Answer
******
❓Question¶
Find additional information about the specific share we found previously and submit the customized version of that specific share as the answer.
📋 Walkthrough¶
We can see these information listing all shares of smb server
Answer
In******* *** v*.*
❓Question¶
What is the full system path of that specific share? (format: "/directory/names")
📋 Walkthrough¶
We can see username in the section
Answer
/home/*********