How to fix issues with older SMB versions for Kali 2020
Recently I set up a brand new Kali machine, started toying around with some old machines. Initially I ran nmap and found port 139 was open. When trying to further enumerate the service bumped with incomplete issues. A small fix to the smb.conf file, made them work again.
Two of the common tools for SMB enumeration I use are rpcclient and enum4 linux when working from a Kali machine. Both were throwing off incorrect outputs. For rpcclient this is what I had
rpcclient -U '' -N 172.16.156.129
Cannot connect to server. Error was NT_STATUS_IO_TIMEOUTFirst, I tried to troubleshoot the issue by firing Wireshark and looking what was off in my network or the target machine. Then I decided to look for help (a.k.a Google).
This one might be an old one but better to write up here, so I can reference to it later on. In our SAMBA configuration file (/etc/samba/smb.conf) we need to add a line to specify which is the minimal protocol version that the client will attempt to use. In my case I needed to add this:
client min protocol = NT1Now when trying to connect with rppclient or using enum4linux I’ve no issues.
rpcclient -U '' -N 172.16.156.129
rpcclient $> lsaquery
Domain Name: MYGROUP
Domain Sid: (NULL SID)
rpcclient $>A quick and easy fix, but it was bothering me that it’s not working out the box in Kali 2020 (with a right justification). As I tend to forget little hacks/tricks/configs like this I thought about writing a quick one. Hopefully it will save you some time.
