CIFS tools

From: Chris McNab (chris.mcnab@trustmatta.com)
Date: Thu Nov 06 2003 - 14:27:13 EST


Hi,

Recently I've used the SMB auditing tool (SMB-AT), available from
http://www.cqure.net to perform enumeration and brute force password
grinding attacks against accessible CIFS services running on port 445. I
have found some shortfalls with this software, as specific information
presented by tools such as enum and winfo cannot be accessed through SMB-AT.

Does anyone know of other offensive tools for use against CIFS, or should I
simply use the clients within Samba-TNG.. ?

Thanks,

Chris

Chris McNab
Technical Director

Matta
18 Noel Street
London W1F 8GN

http://www.trustmatta.com

---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:42 EDT