Windows: SMB Server CrackMapExec

overview

A Kali GUI machine and a target machine running a vulnerable SMB service are provided to you. The IP address of the target machine is provided in a text file named target placed on the Desktop of the Kali machine (/root/Desktop/target).

Your task is to fingerprint the SMB service using the tools available on the Kali machine and then use the CrackMapExec tool to perform a post-exploitation on the SMB service and extract sensitive information i.e windows users hashes, LSA secrets, shared folders information, etc.

Objective: Exploit the SMB service to get a meterpreter on the target and retrieve the flag!

Instructions:

• Your Kali machine has an interface with IP address 10.10.X.Y. Run “ip addr” to know the values of X and Y.

• The IP address of the target machine is mentioned in the file “/root/Desktop/target”

• Do not attack the gateway located at IP address 192.V.W.1 and 10.10.X.1

• Dictionaries to use:

• /usr/share/metasploit-framework/data/wordlists/common_users.txt

• /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt

solutions

The solution for this lab can be found in the following manual: https://assets.ine.com/labs/ad-manuals/walkthrough-1962.pdf