If you see a service with TCP port 445 open, then it is probably running SMB. SMB is used for file sharing services. You will also see it related to other protocols in its operation:
Here is a check list of common things to check:
- Can you enumerate the server version?
- Can you enumerate shares?
- What versions of the protocol are enabled?
- Can you connect using anon bind?
- Are there any known vulnerabilities?
- Can you enumerate usernames?
- Is SMB signing enabled?
- Are there other hosts in the subnet that can be used?
Read more “Server Message Block (SMB) Enumeration, Attack and Defence”
I rarely get a chance to play HTB these days 🙁 but today I thought i’d get back on it.. then I had a three hour battle with a graphics driver and Vmware Workstation so that basically ruined that idea…. but I thouht I’d try and remember how to CTF again.. and boy do you get slow fast! Well to try and help people and myself I’ve started to write down some notes to get my mind back into the CTF world of HTB!
Setup & Scope
Ok this is the setup phase. Let’s grab the details
Read more “mRr3b00t Learns to play HTB again!”
- Take note of the machine name
- Remember most boxes are called .htb or .htb.local
- There’s not an “internet” dns inside the arena so you need to update hosts files
- Take note of the box author
- Take note of the IP
- Take note of the OS version
- Get you digital notebook ready