- First, will use the services command to display the results from our previous nmap scan and filter for ports 139 and 445:
msf > services -c port,info -p 139,445 192.168.216.129Services========host port info---- ---- ----192.168.216.129 139 Samba smbd 3.X - 4.X workgroup: WORKGROUP192.168.216.129 445 Samba smbd 3.0.20-Debian workgroup: WORKGROUPmsf >
- Now that we know the version of the Samba daemon running, we can search for vulnerabilities and then use the search command to search for available exploits.
By doing some research online for Common Vulnerabilities and Exposures (CVE) related to Samba 3.0.20 on https://www.cvedetails.com, we can find some vulnerabilities we can exploit.
- Using the search command and filtering ...