search for SMB version detection:
use auxiliary/scanner/smb/smb_version
info about parameters of module:
set options: setting up options that we need to launch the module:
set RHOSTS <target>
run: run the module:
nmap -p445 --script smb-protocols <target>
nmap -p139 --script smb-protocols <target>
search for SMB version detection:
use auxiliary/scanner/smb/smb_version
info about parameters of module:
set options: setting up options that we need to launch the module:
set RHOSTS <target>
run: run the module:
nmap -sC -p 139,445 -sV <target>
Scan against a list of IPs using a list file and a single set of credentials:
nxc smb scope_internal.txt -u 'anonymous' -p 'anonymous' --no-bruteforce
Scan against a list of IPs using a list file and a file of credentials:
nxc smb scope_internal.txt -u usernames.txt -p passwords.txt --no-bruteforce
Enumerate shares using a valid username: