Server Message Block

Definition:

The SMB protocol is used to shared access to files, printers and serial ports accross computers in the same network. This is a common protocol under Windows machines.

The SMB protocol is usually used with NetBIOS over TCP.

share:

A share is a storage which is present on the network. The IPC$ share has usually no interest because it’s only contains the inter-process communication socket, so just pipes.

Default user

We can use smbclient to try to connect with the guest user: smbclient -NL <ip_address> And just press Enter on the password prompt.

• The -L option is used here to list the shares available on the remote ip_address host.
• The -N option allows you to connect anonymously. If you want to be authenticated, you can use the -U option for username (and potentially domain), then a password will be prompted to you.

Connect to a share

To connect to a share, we can use again smbclient:

smbclient \\\\<ip_address>\\<share_name>

For example:

smbclient \\\\127.0.0.1\\ADMIN$

Commands:

Once you’re connected to the machine, you can use help to see the smbclient help page.

We have multiple Linux (and ftp) commands such as ls, cd, get and exit.