1. Task
Task1
Q: What does the 3-letter acronym SMB stand for?
A: Server Message Block
Task2
Q: What port does SMB use to operate at?
A: 445
Task3
Q: What is the service name for port 445 that came up in our Nmap scan?
A: microsoft-ds
Task4
Q: What is the 'flag' or 'switch' that we can use with the smbclient utility to 'list' the available shares on Dancing?
A: -L
I'm using Ubuntu so I intalled 'smbclient' by this command.
sudo apt-get install smbclient
We can find command: -h or --help option
Task5
Q: How many shares are there on Dancing?
A: 4
Task6
Q:What is the name of the share we are able to access in the end with a blank password?
A: WorkShares
ADMIN$ is an Adminstrative share. C$ means C drive where OS is installed in. and IPC$ is inter-process communication share. IPC is using named pipes, this is not part of system
Task7
Q: What is the command we can use within the SMB shell to download the files we find?
A: get
also you can search commands we can use.
FLAG
we can find flag.txt in WorkShares.
We can access WorkShares directory.
smbclient \\\\{Target IP}\\WorkShares
2. More
2.1 SMB
SMB stands for Server Message Block. SMB is network file-sharing protocol and is used in Window system mostly.
In this box, we don't have any credential. But we can log in to the server without password, performing Guest authentication or Anonymous authentication.
