Re: [Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

Mon, 08 Aug 2016 07:22:45 -0700 

Hi

it is strange but OK according to the man page

  smbclient {servicename} [password] [-b <buffer size>] [-d debuglevel] [-e] 
[-D Directory] [-U username] [-W workgroup] [-M <netbios name>] [-m 
maxprotocol] [-A authfile] [-N] [-C] [-g]
        [-l log-basename] [-I destinationIP] [-E] [-c <command string>] [-i 
scope] [-O <socket options>] [-p port] [-R <name resolve order>] [-s <smb 
config file>] [-t <per-operation timeout in seconds>]
        [-T<c|x>IXFqgbNan] [-k]

In any case also supplying the password manually gives the same result

$ smbclient //*/climbing -U admin
Enter admin's password: 
Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
tree connect failed: NT_STATUS_ACCESS_DENIED

Matteo


> On 08 Aug 2016, at 16:18, Eero Volotinen <[email protected]> wrote:
> 
> Your smbclient syntax looks incorrect. Please check out the manpage..
> 
> Eero
> 
> 
> 8.8.2016 5.14 ip. "Corti Matteo (ID BD)" <[email protected] 
> <mailto:[email protected]>> kirjoitti:
> Hi
> 
> a recent scan shows a lot of hosts with
> 
>        SMB Brute Force Logins With Default Credentials (OID: 
> 1.3.6.1.4.1.25623.1.0.804449) 
> <https://matteo.ethz.ch:9392/omp?cmd=get_info&info_type=nvt&info_id=1.3.6.1.4.1.25623.1.0.804449&token=8625b2bf-59ca-4554-917f-e9d27a4e09c4>
> 
> with the following result
> 
> Vulnerability Detection Result
> It was possible to login with the following credentials via the SMB protocol. 
> <User>:<Pass↵
> word>
> 
> admin:admin
> 
> I am trying to check with smbclient and I don’t succeed
> 
> $ smbclient //***.***.***.***/climbing admin -U admin
> Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
> tree connect failed: NT_STATUS_ACCESS_DENIED
> 
> What am I missing?
> 
> Regards
> 
> Matteo
> 
> -- 
> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
> Tel +41 44 63 27944, http://www.id.ethz.ch <http://www.id.ethz.ch/>
> 
> _______________________________________________
> Openvas-discuss mailing list
> [email protected] 
> <mailto:[email protected]>
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> <https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss>

-- 
ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
Tel +41 44 63 27944, http://www.id.ethz.ch

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Reply via email to