In some rare situations, such as when the SMB share directory and the webserver root directory are the same, an attacker could even exploit the misconfiguration to achieve code execution. SMB can often be a great starting point for an attacker looking to discover sensitive information - you'd be surprised what is sometimes included on these shares. Typically, there are SMB share drives on a server that can be connected to and used to view or transfer files. Enumeration can be used to gather usernames, passwords, network information, hostnames, application data, services, or any other information that may be valuable to an attacker. This process is essential for an attack to be successful, as wasting time with exploits that either don't work or can crash the system can be disastrous. Today, we will be using a tool called Enum4linux to extract information from a target, as well as smbclient to connect to an SMB share and transfer files.Įnumeration is the process of gathering information on a target in order to find potential attack vectors and aid in exploitation. It was initially used on Windows, but Unix systems can use SMB through Samba. If(is_dir("$address/$entry") & ($entry != "." & $entry != ".SMB (Server Message Block) is a protocol that allows resources on the same network to share files, browse the network, and print over the network. This is the function which is doing the search. I run the function here to start the search. Put the date you want to compare with in the format of: YYYY-mm-dd hh:mm:ss Put / if you want to search your entire domain Put here the directory you want to search for. This script will go through all folders in the specified directory recursively and echo the modified files with the last modified date/time. Here is a small but handy script that you can use to find which files in your server are modified after a date/time that you specify. $highestKnown ) $highestKnown = $currentValue Įcho 'The newest file has the time stamp:' Įcho date ( 'Y-m-d H:i:s', getHighestFileTimestamp ( './' )) if you want to find out when the last change was made to your project). It could be useful to determinate the timestamp of the newest file in a directory. The function below takes care of any redirections, even multiple redirections, so that you reach the real file of which you want the last modification date. In such a case, the server HTTP response contains no Last-Modified header, but there is a Location header indicating where to find the file. However a problem may arise if some redirection occurs. To get the modification date of some remote file, you can use the fine function by notepad at codewalker dot com (with improvements by dma05 at web dot de and madsen at lillesvin dot net).īut you can achieve the same result more easily now with stream_get_meta_data (PHP>4.3.0). Getting Started Introduction A simple tutorial Language Reference Basic syntax Types Variables Constants Expressions Operators Control Structures Functions Classes and Objects Namespaces Enumerations Errors Exceptions Fibers Generators Attributes References Explained Predefined Variables Predefined Exceptions Predefined Interfaces and Classes Predefined Attributes Context options and parameters Supported Protocols and Wrappers Security Introduction General considerations Installed as CGI binary Installed as an Apache module Session Security Filesystem Security Database Security Error Reporting User Submitted Data Hiding PHP Keeping Current Features HTTP authentication with PHP Cookies Sessions Dealing with XForms Handling file uploads Using remote files Connection handling Persistent Database Connections Command line usage Garbage Collection DTrace Dynamic Tracing Function Reference Affecting PHP's Behaviour Audio Formats Manipulation Authentication Services Command Line Specific Extensions Compression and Archive Extensions Cryptography Extensions Database Extensions Date and Time Related Extensions File System Related Extensions Human Language and Character Encoding Support Image Processing and Generation Mail Related Extensions Mathematical Extensions Non-Text MIME Output Process Control Extensions Other Basic Extensions Other Services Search Engine Extensions Server Specific Extensions Session Extensions Text Processing Variable and Type Related Extensions Web Services Windows Only Extensions XML Manipulation GUI Extensions Keyboard Shortcuts ? This help j Next menu item k Previous menu item g p Previous man page g n Next man page G Scroll to bottom g g Scroll to top g h Goto homepage g s Goto search
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |