RE: Nmap SMB Enumeration

["Edwards, David Earl" <david.edwards () Vanderbilt Edu>]

I would agree. :)

David E. Edwards
Technology Support Services
david.edwards () vanderbilt edu


-----Original Message-----
From: Ron [mailto:ron () skullsecurity net] 
Sent: Sunday, September 19, 2010 20:17
To: infolookup () gmail com
Cc: Edwards, David Earl; listbounce () securityfocus com; pen-test () securityfocus com
Subject: Re: Nmap SMB Enumeration

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hey all,

Just wanted to post a followup -- the reason for ths issue was that LM/NTLM logins were diabled on the domain, only 
NTLMv2/LMv2 were allowed. Adding smbtype=v2 solved everything. 

I'm considering making the v2-level protocols the default. They're slightly more secure, and they should be supported 
by Windows 2000 and above. I used NTLM originally because it's faster and more widely supported, but I don't think 
that's necessary anymore. 

Thoughts?

Ron

On Tue, 14 Sep 2010 15:55:43 +0000 "Sherwyn" <infolookup () gmail com> wrote:
> Edward,
>
> You can pop in irc.freenode.net #skullsecurity and look for iago-x86 
> he is one of the nmap developer that worked on the SMB enum stuff.
> ------Original Message------ From: Edwards, David Earl
> Sender: listbounce () securityfocus com
> To: pen-test () securityfocus com
> Subject: Nmap SMB Enumeration
> Sent: Sep 14, 2010 9:11 AM
>
> Good Morning,
>                 I am trying to use NMAP for SMB share enumeration on a 
> Windows 2008 domain. I am running this against systems with Windows
> 2000 through Windows 7. When I specify the smbdomain, smbuser, and 
> smbpass arguments I am only able to see shares with null access. It 
> seems as though the credentials are not being used. Any help would be 
> greatly appreciated.
>
> Thanks, David
>
> ----------------------------------------------------------------------
> -- This list is sponsored by: Information Assurance Certification 
> Review Board
>
> Prove to peers and potential employers without a doubt that you can 
> actually do a proper penetration test. IACRB CPT and CEPT certs 
> require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ----------------------------------------------------------------------
> --
>
>
>
> Infolookup
> http://infolookup.securegossip.com
> www.twitter.com/infolookup


- --
Ron Bowes

Blog: http://www.skullsecurity.org
Twitter: https://twitter.com/iagox86

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)

iEYEARECAAYFAkyWtgcACgkQ2t2zxlt4g/QzrQCfbTO578zq3fsKbyEvki0fZvqx
T7kAoKIflquCxVWqgGvpBuPZ1825Hjt5
=8pAP
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------