
How to Scan for SMB vulnerabilities using Nmap

Hi there my fellow hackers, we are back with another tutorial. Today we will see how we can use an Nmap script to scan a target host for SMB vulnerabilities. Let’s have a quick glance at what SMB means.

SMB stands for Server Message Block. In terms of its reputation for security vulnerabilities, SMB sits at an average level. Versions such as SMB1 are used in Windows 2000 and Windows XP. They allowed null sessions, which are used to retrieve a great deal of sensitive information from the target machine. Later versions of SMB are also responsible for many vulnerabilities, which allowed anything from stealing user credentials to remote code execution. For all of these reasons, every penetration tester must check for SMB vulnerabilities.

Here in this tutorial we are using Nmap scripts to scan a target host for SMB vulnerabilities. The NSE (Nmap Scripting Engine) is one of Nmap’s most flexible and powerful features. Nmap 7 contains more than 170 new scripts. Let’s go into this tutorial for SMB vulnerabilities with Nmap: According to the front page of Samba.org, Samba is described as follows:

The following command executes Nmap with a script:

If Nmap returns an error, try adding --script-args=unsafe=1 so that we get the status for SMB vulnerabilities:
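Once a scan like this has been saved as XML (Nmap's -oX option), the results have to be read per host, and a script that errored out is not the same as a clean result. The following is an added example, not code from the original tutorial: it triages the smb-* script results in a scan file. The sample XML, the addresses, the script ids and the function names are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like Nmap XML output (-oX). Addresses are from a
# documentation range; script ids and results are placeholders, not real scans.
SAMPLE_XML = """<nmaprun>
  <host><address addr="192.0.2.10" addrtype="ipv4"/>
    <hostscript><script id="smb-vuln-EXAMPLE-A" output="VULNERABLE">
      <table key="EXAMPLE-ID"><elem key="state">VULNERABLE</elem></table>
    </script></hostscript></host>
  <host><address addr="192.0.2.11" addrtype="ipv4"/>
    <hostscript><script id="smb-vuln-EXAMPLE-A" output="NOT VULNERABLE">
      <table key="EXAMPLE-ID"><elem key="state">NOT VULNERABLE</elem></table>
    </script></hostscript></host>
  <host><address addr="192.0.2.12" addrtype="ipv4"/>
    <hostscript><script id="smb-vuln-EXAMPLE-B"
      output="ERROR: Script execution failed (use -d to debug)"/></hostscript></host>
</nmaprun>"""


def classify(state):
    """Map a state string to a verdict; 'NOT VULNERABLE' must not count as 'VULNERABLE'."""
    s = state.strip().upper()
    if "NOT VULNERABLE" in s:
        return "ok"
    if "VULNERABLE" in s:
        return "vulnerable"
    return "inconclusive"  # errors, UNKNOWN, or no state reported: rescan, do not assume safe


def triage(xml_text):
    """Return (host, script id, verdict) for every smb-* script result in the scan."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for script in host.iter("script"):  # host scripts and port scripts alike
            sid = script.get("id", "")
            if not sid.startswith("smb-"):
                continue
            states = [e.text for e in script.iter("elem")
                      if e.get("key") == "state" and e.text]
            # Fall back to the free-text output when no structured state exists.
            for state in states or [script.get("output", "")]:
                rows.append((addr, sid, classify(state)))
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_XML):
        print(*row)
```

Hosts that come back as inconclusive are the ones to rescan; treating an errored script as a pass hides exposure.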
