Nmap Development mailing list archives
smb-psexec: ,|_ ERROR: Couldn't find a writable share! May not have an administrator account
From: hernani <coelho.hernani () sapo pt>
Date: Tue, 15 Dec 2015 13:12:20 +0000
hello,i run this command ---> sudo nmap -p 135,139,445 -d --script=smb-psexec --script-args=smbuser="******",smbpass="********" 192.168.*.**
and give me error in subject were is debug i put a bold where is access denied.
can someone help me?? Starting Nmap 7.01 ( https://nmap.org ) at 2015-12-15 13:03 WET --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- NSE: Using Lua 5.2. NSE: Arguments from CLI: smbuser=hernani,smbpass=******* NSE: Arguments parsed: smbuser=hernani,smbpass=******* NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. NSE: Starting runlevel 1 (of 1) scan. Initiating NSE at 13:03 Completed NSE at 13:03, 0.00s elapsed Initiating ARP Ping Scan at 13:03 Scanning 192.168.1.84 [1 port]Packet capture filter (device wlan0): arp and arp[18:4] = 0x48D224D7 and arp[22:2] = 0x15E6
Completed ARP Ping Scan at 13:04, 0.21s elapsed (1 total hosts) Overall sending rates: 4.77 packets / s, 200.43 bytes / s. mass_rdns: Using DNS server 192.168.1.254 mass_rdns: Using DNS server 2001:8a0:715b:a001:224:17ff:fecf:9624 Initiating Parallel DNS resolution of 1 host. at 13:04 mass_rdns: 0.00s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 13:04, 0.00s elapsedDNS resolution of 1 IPs took 0.00s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 13:04 Scanning hernani-PC.lan (192.168.1.84) [3 ports]Packet capture filter (device wlan0): dst host 192.168.1.66 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 192.168.1.84)))
Discovered open port 445/tcp on 192.168.1.84 Discovered open port 135/tcp on 192.168.1.84 Increased max_successful_tryno for 192.168.1.84 to 1 (packet drop) Discovered open port 139/tcp on 192.168.1.84 Completed SYN Stealth Scan at 13:04, 1.21s elapsed (3 total ports) Overall sending rates: 4.15 packets / s, 182.40 bytes / s. NSE: Script scanning 192.168.1.84. NSE: Starting runlevel 1 (of 1) scan. Initiating NSE at 13:04 NSE: Starting smb-psexec against 192.168.1.84.NSE: [smb-psexec 192.168.1.84] Looking for the service file: nmap_service or nmap_service.exe
NSE: [smb-psexec 192.168.1.84] Attempting to find file: nmap_service NSE: [smb-psexec 192.168.1.84] Attempting to find file: defaultNSE: [smb-psexec 192.168.1.84] Attempting to load config file: /usr/local/bin/../share/nmap/nselib/data/psexec/default.lua NSE: [smb-psexec 192.168.1.84] SMB: Attempting to log into the system to enumerate shares
NSE: [smb-psexec 192.168.1.84] SMB: Added account '' to account list NSE: [smb-psexec 192.168.1.84] SMB: Added account 'guest' to account list NSE: [smb-psexec 192.168.1.84] SMB: Added account '********' to account list NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Found 4 shares, will attempt to find more information
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Trying a random share to see if server responds properly: nmap-share-test
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Trying a random share to see if server responds properly: nmap-share-test
NSE: [smb-psexec 192.168.1.84] SMB: Getting information for share: ADMIN$NSE: [smb-psexec 192.168.1.84] SMB: Checking if share ADMIN$ can be read by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share ADMIN$ can be read by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share ADMIN$ can be written by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share ADMIN$ can be written by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature.
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] *SMB: Failed to get share info for ADMIN$: NT_STATUS_WERR_ACCESS_DENIED (srvsvc.netsharegetinfo)*
NSE: [smb-psexec 192.168.1.84] SMB: Getting information for share: C$NSE: [smb-psexec 192.168.1.84] SMB: Checking if share C$ can be read by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share C$ can be read by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share C$ can be written by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share C$ can be written by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature.
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84]*SMB: Failed to get share info for C$: NT_STATUS_WERR_ACCESS_DENIED (srvsvc.netsharegetinfo)*
NSE: [smb-psexec 192.168.1.84] SMB: Getting information for share: IPC$NSE: [smb-psexec 192.168.1.84] SMB: Checking if share IPC$ can be read by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share IPC$ can be read by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share IPC$ can be written by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share IPC$ can be written by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature.
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] *SMB: Failed to get share info for IPC$: NT_STATUS_WERR_ACCESS_DENIED (srvsvc.netsharegetinfo)*
NSE: [smb-psexec 192.168.1.84] SMB: Getting information for share: UsersNSE: [smb-psexec 192.168.1.84] SMB: Checking if share Users can be read by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share Users can be read by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share Users can be written by the current user
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Checking if share Users can be written by the anonymous user
NSE: [smb-psexec 192.168.1.84] LM Password:NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature.
NSE: [smb-psexec 192.168.1.84] LM Password: 4845524e414e49NSE: [smb-psexec 192.168.1.84] SMB: Invalid NTLM challenge message: unexpected signature. NSE: [smb-psexec 192.168.1.84] SMB: Failed to get share info for Users: NT_STATUS_WERR_ACCESS_DENIED (srvsvc.netsharegetinfo)
NSE: Finished smb-psexec against 192.168.1.84. Completed NSE at 13:04, 0.20s elapsed Nmap scan report for hernani-PC.lan (192.168.1.84) Host is up, received arp-response (0.00040s latency). Scanned at 2015-12-15 13:03:59 WET for 2s PORT STATE SERVICE REASON 135/tcp open msrpc syn-ack ttl 128 139/tcp open netbios-ssn syn-ack ttl 128 445/tcp open microsoft-ds syn-ack ttl 128 MAC Address: 08:00:27:82:A3:43 (Oracle VirtualBox virtual NIC) Host script results: | smb-psexec:|_ *ERROR: Couldn't find a writable share! (May not have an administrator account)*
Final times for host: srtt: 400 rttvar: 2220 to: 100000 NSE: Script Post-scanning. NSE: Starting runlevel 1 (of 1) scan. Initiating NSE at 13:04 Completed NSE at 13:04, 0.00s elapsedRead from /usr/local/bin/../share/nmap: nmap-mac-prefixes nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 2.09 seconds Raw packets sent: 6 (248B) | Rcvd: 4 (160B) hernani
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- smb-psexec: ,|_ ERROR: Couldn't find a writable share! May not have an administrator account hernani (Dec 15)