Penetration Testing mailing list archives
RE: Nmap SMB Enumeration
From: "Edwards, David Earl" <david.edwards () Vanderbilt Edu>
Date: Mon, 20 Sep 2010 08:24:27 -0500
I would agree. :) David E. Edwards Technology Support Services david.edwards () vanderbilt edu -----Original Message----- From: Ron [mailto:ron () skullsecurity net] Sent: Sunday, September 19, 2010 20:17 To: infolookup () gmail com Cc: Edwards, David Earl; listbounce () securityfocus com; pen-test () securityfocus com Subject: Re: Nmap SMB Enumeration -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hey all, Just wanted to post a followup -- the reason for ths issue was that LM/NTLM logins were diabled on the domain, only NTLMv2/LMv2 were allowed. Adding smbtype=v2 solved everything. I'm considering making the v2-level protocols the default. They're slightly more secure, and they should be supported by Windows 2000 and above. I used NTLM originally because it's faster and more widely supported, but I don't think that's necessary anymore. Thoughts? Ron On Tue, 14 Sep 2010 15:55:43 +0000 "Sherwyn" <infolookup () gmail com> wrote:
Edward, You can pop in irc.freenode.net #skullsecurity and look for iago-x86 he is one of the nmap developer that worked on the SMB enum stuff. ------Original Message------ From: Edwards, David Earl Sender: listbounce () securityfocus com To: pen-test () securityfocus com Subject: Nmap SMB Enumeration Sent: Sep 14, 2010 9:11 AM Good Morning, I am trying to use NMAP for SMB share enumeration on a Windows 2008 domain. I am running this against systems with Windows 2000 through Windows 7. When I specify the smbdomain, smbuser, and smbpass arguments I am only able to see shares with null access. It seems as though the credentials are not being used. Any help would be greatly appreciated. Thanks, David ---------------------------------------------------------------------- -- This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ---------------------------------------------------------------------- -- Infolookup http://infolookup.securegossip.com www.twitter.com/infolookup
- -- Ron Bowes Blog: http://www.skullsecurity.org Twitter: https://twitter.com/iagox86 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAkyWtgcACgkQ2t2zxlt4g/QzrQCfbTO578zq3fsKbyEvki0fZvqx T7kAoKIflquCxVWqgGvpBuPZ1825Hjt5 =8pAP -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Nmap SMB Enumeration Edwards, David Earl (Sep 14)
- <Possible follow-ups>
- Re: Nmap SMB Enumeration Sherwyn (Sep 14)
- Re: Nmap SMB Enumeration Ron (Sep 20)
- RE: Nmap SMB Enumeration Edwards, David Earl (Sep 20)
- Re: Nmap SMB Enumeration Ron (Sep 20)