What is SMB? Info Server Message Block (SMB) SMB has a pretty bad rep with regard to security, especially with the recent (2017) infamous exploit EternalBlue, CVE-2017-0144. But how can you find it, exploit it, and even use it to help with a red team engagement? Let's find out. Enumerating Before you can do anything, you need to discover shares on the network. From here you can try to see if any shares allow anonymous access or what restricted shares exist.
Let’s use hashcat to generate a custom word-list we can make use of with password spraying attacks. Users typically have passwords that follow a set pattern: if a company has a policy of resetting passwords monthly, it is not surprising to find that users' passwords contain the current month of the year. Perhaps a company's password policy is longer; you could then expect users to use seasons as part of their password.
HTB Writeup: friendzone Introduction Friendzone was my third box to own on HackTheBox. I learnt a lot from this box, from exploiting Local File Inclusion (LFI) to have PHP execute my reverse shell, to understanding more about DNS and the ways Python imports libraries. Enumeration nmap Running nmap on a server will give a lot of information on what ports are open on the machine and what services those ports belong to.
So I have started a blog. Here you should find write-ups on CTFs and machines on HackTheBox and my experiences in the industry as I try to improve my skills in cyber security. I want to start documenting and recording things I learn to help others but also to serve as notes for myself. I’m just starting out and very much a noob so do not expect too much. – Sam