Well. exposing samba protocol to internet without ipsec is not wise thing
to do. It might be also problem with NVT.
Eero
2016-08-08 21:45 GMT+03:00 Corti Matteo (ID BD) <co...@ethz.ch>:
> Hi
>
> On 08 Aug 2016, at 16:42 , Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> You are sensoring the input, so it's bit hard to guess the parameters.
>
>
> Just the IP address. If the server is really vulnerable it would be unwise
> to tell it to the whole world
>
>
> try something like smbclient //ip.address/sharename -U admin%admin or
> smbclient //ip.address/c$ -U admin%admin
>
>
> $ smbclient //*/climbing -U admin%admin
> Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
> tree connect failed: NT_STATUS_ACCESS_DENIED
> $ smbclient //*/c$ -U admin%admin
> Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
> tree connect failed: NT_STATUS_BAD_NETWORK_NAME
>
> It is not a problem with the smbclient syntax. I can also try to mount the
> share with an OS X or Windows machine.
>
> Same result.
>
> Matteo
>
>
> 2016-08-08 17:22 GMT+03:00 Corti Matteo (ID BD) <co...@ethz.ch>:
>
>> Hi
>>
>> it is strange but OK according to the man page
>>
>> smbclient {servicename} [password] [-b <buffer size>] [-d debuglevel]
>> [-e] [-D Directory] [-U username] [-W workgroup] [-M <netbios name>] [-m
>> maxprotocol] [-A authfile] [-N] [-C] [-g]
>> [-l log-basename] [-I destinationIP] [-E] [-c <command string>]
>> [-i scope] [-O <socket options>] [-p port] [-R <name resolve order>] [-s
>> <smb config file>] [-t <per-operation timeout in seconds>]
>> [-T<c|x>IXFqgbNan] [-k]
>>
>> In any case also supplying the password manually gives the same result
>>
>> $ smbclient //*/climbing -U admin
>> Enter admin's password:
>> Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
>> tree connect failed: NT_STATUS_ACCESS_DENIED
>>
>> Matteo
>>
>>
>> On 08 Aug 2016, at 16:18, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>>
>> Your smbclient syntax looks incorrect. Please check out the manpage..
>>
>> Eero
>>
>> 8.8.2016 5.14 ip. "Corti Matteo (ID BD)" <co...@ethz.ch> kirjoitti:
>>
>>> Hi
>>>
>>> a recent scan shows a lot of hosts with
>>>
>>> SMB Brute Force Logins With Default Credentials (OID:
>>> 1.3.6.1.4.1.25623.1.0.804449)
>>> <https://matteo.ethz.ch:9392/omp?cmd=get_info&info_type=nvt&info_id=1.3.6.1.4.1.25623.1.0.804449&token=8625b2bf-59ca-4554-917f-e9d27a4e09c4>
>>>
>>> with the following result
>>>
>>> *Vulnerability Detection Result*
>>>
>>> It was possible to login with the following credentials via the SMB
>>> protocol. <User>:<Pass↵
>>> word>
>>>
>>> admin:admin
>>>
>>>
>>> I am trying to check with smbclient and I don’t succeed
>>>
>>> $ smbclient //***.***.***.***/climbing admin -U admin
>>> Domain=[D] OS=[Unix] Server=[Samba 3.6.23-35.el6_8]
>>> tree connect failed: NT_STATUS_ACCESS_DENIED
>>>
>>> What am I missing?
>>>
>>> Regards
>>>
>>> Matteo
>>>
>>> --
>>> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
>>> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
>>> Tel +41 44 63 27944, http://www.id.ethz.ch
>>>
>>>
>>> _______________________________________________
>>> Openvas-discuss mailing list
>>> Openvas-discuss@wald.intevation.org
>>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o
>>> penvas-discuss
>>>
>>
>> --
>> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
>> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
>> Tel +41 44 63 27944, http://www.id.ethz.ch
>>
>>
>
> --
> ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste
> STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich
> Tel +41 44 63 27944, http://www.id.ethz.ch
>
>
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
