I am trying to list a shared folder I have on the desktop of a virtual machine. with these commands:
nmap -sU -sS --script smb-enum-shares.nse -p U:137,T:139 10.10.10.115
nmap --script smb-enum-shares.nse -p445 10.10.10.115
The combined output is :
Nmap scan report for 10.10.10.115
Host is up (0.00s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
139/tcp open netbios-ssn
137/udp open netbios-ns
MAC Address: 08:00:27:31:DB:FC (Oracle VirtualBox virtual NIC)
This is not the output I am supposed to get referring to this : https://nmap.org/nsedoc/scripts/smb-enum-shares.html
Why is it not listing the shared folder on the desktop ? I have set maximum permission to everyone for the folder.
Thank you !
Guillaume
Seems like a bug in nmap https://github.com/nmap/nmap/issues/704
You can try -d flag to run nmap in debug mode. I see the "SMB: Login as \guest failed (NT_STATUS_ACCOUNT_DISABLED)" error. But other utilites (e.g. softperfect network scanner) works fine without specific permisions on remote machine.
See documentation: smb-enum-shares. Use function add_account in smbauth module
Related
I would like to know if I can obtain ssh version using nmap of my external vps.
nmap -p 22 sV <domainname>
result:
22/tcp filtered ssh
Is there another nmap syntax so I can obtain ssh service version?
Just want to obtain the ssh service version of my external vps.
I tried alot of nmap commands but probably there's a struggle in-between like a firewall, which causes a filtered state. My own network is behind a DrayTek Device. Maybe a possible cause?
Thanks in advance!
The nmap option --badsum is able to provide insight about the existence of a firewall. A non firewall device that runs a full network stack will silently drop a bad checksum. In the case that your scan reaches an end device, you would expect to see the same result as your -sV scan. A firewall may offer a different reply to the --badsum.
The answer to your question regarding version, is that -sV is ideal, however -A may run some scripts that return useful information. You can also run --script=sshv1 or another specific script that is ssh related. More script options are here nmap scripts.
I am attempting to set up a VM using VirtualBox. I am hosting on Windows 10 and want to set up a CentOS vm. I have a VM running but have had problems getting network connectivity with it. I have no experience with VirtualBox and it has been a long time since I worked on Linux. Any ideas on what I need to do to correct this? Are there some steps I need to take during the creation of the image?
Image is : CentOS-7-x86_64-Everything-1708.iso
VirtualBox : Version 5.1.28 r117968 (Qt5.6.2)
When I try to ping anything I get " connection the Network is unreachable
The very best thing you should do is running the following command:
ifconfig -a
Then, If you have an interface listed (not just 'lo'), you can do that:
# cd /etc/sysconfig/network-scripts/
# sed -i -e 's#^ONBOOT="no#ONBOOT="yes#' ifcfg-{{network_device}}
replace {{network_device}} for your default network_device (from ifconfig-a command).
Then restart and it should connect.
For a quiz I must fill in the following question:
Which distribution of Linux is on the server. They give me only a ip adress "37.59.41.190". How can I check this external?
Use nmap command to find Operating System details, it's not 100% accurate, though,
nmap -O <ip address>
nmap runs different OS fingerprint check techniques.
I'm sure it's something simple but I can't figure it it. I have an nmap command like the following, because I want to test the tool with my website
nmap -p80 --system-dns --script http-wordpress-plugins.nse legault.cc
The output is the following
Starting Nmap 7.11 ( https://nmap.org ) at 2016-03-24 20:42 Eastern Daylight Time
Nmap scan report for legault.cc (192.254.232.221)
Host is up (0.092s latency).
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 6.71 seconds
It seems to me that the script should run, because the port is open, Wordpress is installed correclt and the login page is at /wp-login.php
Advice would be greatly appreciated!
The http-wordpress-plugins script was renamed to http-wordpress-enum in version 6.49. If you still have the old script, it may not work the same with the current version of Nmap. The new version works for me with that target. You can use the -d option to see debugging output from the script that may be helpful.
Im trying to create a script that will start a Shared Virtual Machine from a different computer. The script is completing however in the VMWare Workstation GUI the virtual machine is being put into the My Computer section and then started up and not started up in the Shared VMs section (where the VM is actually meant to be). The command is written below where the top line is the command and bottom is syntax - just for clarification.
vmrun -T ws 192.168.137.2:443/sdk start \\192.168.137.2\VMs\SKYNET\SKYNET.vmx gui
vmrun -T ws HOST IP AND PORT CMD PATH TO VMX FILE ON NETWORK
EDIT: Just as clarification, i need to try and find a command that will start a vmware virtual machine as a shared machine, not one on "my computer". Any help would be great!
The following works for me:
vmrun -T ws-shared -h https://bnehyp03.dev.randomnoun:443/sdk \
-u myLinuxUsername -p myLinuxPassword start \
"[ha-datacenter/standard] bnedev01/bnedev01.vmx"
(replacing "bnehyp03.dev.randomnoun:443" with the host:port of your server, and the username/password and the path to the vmx file as appropriate)
Note the "[ha-datacenter/standard]" prefix to the vmx path, which doesn't seem to be necessary for non-shared VMs. I can't find this documented anywhere on the vmware site.
The vmx path is relative to the VM shared folder in VMware Workstation (under Edit->Preferences->Shared VMs)
Also, if you don't have exactly the same version of VMware running on both the client and the server, you may get a segmentation fault when you run the vmrun command.
Here is the working example from my system based on Greg Knox's answer.
vmrun -T ws-shared -h https://<localmachinename-or-localhost>:443/sdk start "[ha-datacenter/standard] 00_W7CL01/00_W7CL01.vmx" nogui
(and then I enter user/pass manually)