Crackmapexec Smb Cheat Sheet

A Quick and Easy CrackMapExec SMB Cheat Sheet

CrackMapExec (CME) is a versatile and powerful tool for pentesters and red teamers who want to perform various attacks and operations on Windows networks using the Server Message Block (SMB) protocol. SMB is a network file sharing protocol that allows users to access files, printers, and other resources on a remote server. SMB is also used for authentication, authorization, and communication between Windows hosts.

In this article, we will provide a simple and concise cheat sheet for using CME to perform common tasks such as enumeration, credential spraying, command execution, and credential dumping using SMB. We will assume that you have already installed CME on your system and that you have a valid username and password or hash to authenticate to the target network. We will also use the following notation:

• 10.0.0.0/24: The target network subnet.

• UserName: The username to authenticate with.

• PASS: The password or hash to authenticate with.

• DOMAIN: The domain name of the target network.

• HOST: The IP address or hostname of a specific target host.

Enumeration

Enumeration is the process of gathering information about the target network, such as live hosts, shares, sessions, users, groups, policies, etc. CME provides various options to perform enumeration using SMB. Here are some examples:

crackmapexec smb cheat sheet

Download Zip: https://corppresinro.blogspot.com/?d=2tFZVm

Network Enumeration

To scan the target network for live hosts and their basic information, such as OS version, name, domain, signing status, and SMB version, use the following command:

cme smb 10.0.0.0/24

This will output something like this:

SMB 10.0.0.1 445 DC01 [*] Windows Server 2019 Standard 17763 x64 (name:DC01) (domain:DOMAIN) (signing:True) (SMBv1:False)

SMB 10.0.0.2 445 WEB01 [*] Windows Server 2016 Standard 14393 x64 (name:WEB01) (domain:DOMAIN) (signing:True) (SMBv1:False)

SMB 10.0.0.3 445 SQL01 [*] Windows Server 2016 Standard 14393 x64 (name:SQL01) (domain:DOMAIN) (signing:True) (SMBv1:False)

SMB 10.0.0.4 445 WIN10 [*] Windows 10 Pro 19041 x64 (name:WIN10) (domain:DOMAIN) (signing:False) (SMBv1:False)

Share Enumeration

To enumerate the available shares on the target hosts and check their access permissions, use the following command:

cme smb 10.0.0.0/24 -u UserName -p 'PASS' --shares

This will output something like this:

SMB 10.0.0.1 445 DC01 [+] DOMAIN\\UserName:PASS

SMB 10.0.0.1 445 DC01 [+] Enumerated shares

SMB 10.0.0.1 445 DC01 Share Permissions Remark

SMB 10.0.0.1 445 DC01 ----- ----------- ------

SMB 10.0.0.1 445 DC01 ADMIN$ READ Remote Admin

SMB 10.0.0.1 445 DC01 C$ READ Default share

SMB 10.0.0.1 445 DC01 IPC$ READ Remote IPC

SMB 10.0.0.1 445 DC01 NETLOGON READ Logon server share

SMB 10.0.0.1 445 DC01 SYSVOL READ Logon server share

...SNIP...

Session Enumeration

To enumerate the active sessions on the target hosts and get their usernames and source IPs, use the following command:

cme smb 10 06063cd7f5

https://www.jasmeetsanand.com/forum/welcome-to-the-forum/cx-programmer-7-2-free-download

https://www.houstonmouves.com/group/vendor-list/discussion/71629272-ede2-4f48-9f1d-65a221cf16b1

https://www.donpareil.com/forum/questions-answers/sketchup-pro-2015-crack-64-bit-download