SMBSR – what is that?

Well, SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among the targets
and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively
in order to find secrets in files and … secret files. In order to scan the targets for SMB ports openthe masscan module is used.
The interesting keywords the tool should look for are defined via the command line as well as:

  • File extension blacklist
  • Folder blacklist (Watch out, also subfolders are gone)
  • Number of Threads
  • Should i masscan or not?
  • Interesting file extensions (I guess something like ppk, kdbx, …)
  • Maximum file size allowed to be checked (Believe me, too big might take some time)
  • Other common ones and required

Of course everything is saved locally in a SQlite Database. The database containes one table for the “hopefully it’s a DA password” match, called smbsr containing the
following columns:

  • file
  • share
  • ip
  • position
  • matchedWith

And also another table for the interesting file list containing the following columns:

  • file
  • share
  • ip

Requirements

pip3 install -r requirements.txt

Usage

For instance, from the project folder:

./smbsr.py -IP 127.0.0.1 -word-list-path tomatch.txt -multithread -max-size 1000 -T 2 -username OB -password '****' -domain OB -file-extensions dll,exe,bin

Credits

  • Everyone who is going to help out finding issues and improving
  • Retrospected: For helping out every Friday with debugging the code and brainstorming on new features

GitHub

View Github