SMBetray icon indicating copy to clipboard operation
SMBetray copied to clipboard

Published 20 hours ago verified publisher icon quickbreach

I don't understand how it works...

Open r00t-Taurus opened this issue 7 years ago • 6 comments

I have this in my network 2018-08-13_13-39-08

I execute sudo arpspoof -i <iface> -c both -t <target_ip> -r <gateway_ip>

Then execute sudo ./smbtray.py --passive ./NORUSTEXT -I wlan0

But I didn't get what you got.

2018-08-13_13-44-53

Why?

PS I am n00b, sorry.

r00t-Taurus avatar Aug 13 '18 10:08 r00t-Taurus

Once you get arpspoof and SMBetray running, what are you doing on the victim PC?

quickbreach avatar Aug 13 '18 14:08 quickbreach

I'm not doing anything

r00t-Taurus avatar Aug 13 '18 17:08 r00t-Taurus

This attack intercepts SMB connections, so once you have everything running, your victim needs to do something like open a folder on a network share or open a file on a share

quickbreach avatar Aug 13 '18 22:08 quickbreach

So, I open file or folder in victim PC but it still not work, maybe problem in this: when I go to NORUSTEXT, there's only the Users folder (there are files in that folder) I tried sudo ./smbtray.py --passive ./NORUSTEXT/Users -I wlan0 but it didn't work.

r00t-Taurus avatar Aug 14 '18 06:08 r00t-Taurus

Is NORUSTEXT the network share, or is it the client connecting to a share?

quickbreach avatar Aug 14 '18 16:08 quickbreach

I don't know what it, I enable Network discovery and File sharing in victim PC.

r00t-Taurus avatar Aug 14 '18 17:08 r00t-Taurus