| SMB Version | Supported | Features |
|---|---|---|
| CIFS | Windows NT 4.0 | Communication via NetBIOS interface |
| SMB 1.0 | Windows 2000 | Direct connection via TCP |
| SMB 2.0 | Windows Vista, Windows Server 2008 | Performance upgrades, improved message signing, caching feature |
| SMB 2.1 | Windows 7, Windows Server 2008 R2 | Locking mechanisms |
| SMB 3.0 | Windows 8, Windows Server 2012 | Multichannel connections, end-to-end encryption, remote storage access |
| SMB 3.0.2 | Windows 8.1, Windows Server 2012 R2 | |
| SMB 3.1.1 | Windows 10, Windows Server 2016 | Integrity checking, AES-128 encryption |

NetBIOS: Network Basic Input/Output System

RPCClient commands:

| Query | Description |
|---|---|
| `srvinfo` | Server information. |
| `enumdomains` | Enumerate all domains that are deployed in the network. |
| `querydominfo` | Provides domain, server, and user information of deployed domains. |
| `netshareenumall` | Enumerates all available shares. |
| `netsharegetinfo <share>` | Provides information about a specific share. |
| `enumdomusers` | Enumerates all domain users. |
| `queryuser <RID>` | Provides information about a specific user. |

Users can be enumerated by RID over RPC → CrackMapExec / Enum4Linux (use both for complete results)

RPC shell:
rpcclient -U "" -N $HOST

List shares:
smbclient -N -L //10.129.14.128