smbpasswd

Scans SMB ports with Nmap

nmap -v -sT -sV -sC -A -p 139,135,455 <IP>

Enumerate SMB Shares with smbclient

smbclient -L //<IP> -U u1
smbclient -L //<IP> -U 'devnull.infosecwarrior'

Change SMB Password using Remote Server

smbpasswd -r <IP> -U '<username>'

Enable Debugging Output

smbpasswd -D 3 -r <IP> -U '<Username>'

Execute Commands Remotely with impacket-psexec

impacket-psexec <domain>/<username>:<password>@<IP>
PreviousNetBIOS and LLMNR Name poisioningNextAS-REP Roasting Attack

Last updated