Enumerating network shares with NetBIOS

netbios networking

I have a case where I need to find all connectable shares on my network, and preferably as much information about the share as possible. I could do this manually, but it's quite a big network and it would be too slow.

If I did it manually, I'm guessing I would do something like

net view
net use //hostname
<browse it manually>

This would, however, not give me hidden shares, so it's not a viable option.

Does anyone know of a tool which can help me out in this case? I already tried Sysinternals ShareEnum but it did not work properly. It did a half-decent job, but it gave me access denied on tons of shares that were actually open.

Any tips on how I can script this are also appreciated.

Thank you

Best Answer

Use nmap + nmap scripts: http://nmap.org/nsedoc/scripts/smb-enum-shares.html

"sudo nmap -sU -sS --script smb-enum-shares.nse -p U:137,T:139 "

Or stack the options:

nmap -v -sU -sS --min-hostgroup 50 --script=smb-os-discovery --script=smbv2-enabled --script=smb-enum-domains --script=smb-enum-groups --script=smb-enum-processes --script=smb-enum-sessions --script=smb-enum-users --script=smb-security-mode --script=smb-server-stats --script=smb-system-info -p 137,139,445 -oA nmap.smb.scripts.scan.results 10.10.10.10/24

List of all the nmap scripts: http://www.nmap.org/nsedoc/
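For the scripting part of the question, an added example (not part of the original answer): a Python parser that turns nmap's XML output into a share inventory, marking hidden shares and those readable without credentials. It assumes the scan ran with smb-enum-shares and XML output (-oX or -oA); the element layout and the function name list_shares are assumptions modeled on that script's structured output, and the sample data is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample, shaped like the XML nmap writes with -oX / -oA when
# smb-enum-shares runs; the address, share names and values are made up.
SAMPLE_XML = r"""<nmaprun>
 <host>
  <address addr="10.10.10.21" addrtype="ipv4"/>
  <hostscript>
   <script id="smb-enum-shares" output="">
    <elem key="account_used">guest</elem>
    <table key="\\10.10.10.21\ADMIN$">
     <elem key="Type">STYPE_DISKTREE_HIDDEN</elem>
     <elem key="Anonymous access">&lt;none&gt;</elem>
    </table>
    <table key="\\10.10.10.21\scans">
     <elem key="Type">STYPE_DISKTREE</elem>
     <elem key="Anonymous access">READ/WRITE</elem>
    </table>
   </script>
  </hostscript>
 </host>
</nmaprun>"""


def list_shares(xml_text):
    """Return one dict per share found in smb-enum-shares script output."""
    shares = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for script in host.iter("script"):
            if script.get("id") != "smb-enum-shares":
                continue
            for table in script.findall("table"):
                fields = {e.get("key"): (e.text or "") for e in table.findall("elem")}
                name = table.get("key", "").rsplit("\\", 1)[-1]
                anon = fields.get("Anonymous access", "")
                shares.append({
                    "host": addr,
                    "share": name,
                    "type": fields.get("Type", ""),
                    "hidden": name.endswith("$"),
                    "anonymous": anon,
                    # Anything other than "<none>" means no credentials were needed.
                    "open_to_anonymous": anon not in ("", "<none>"),
                })
    return shares
```

To run it on a real scan, pass the contents of the .xml file that -oA wrote to list_shares in place of SAMPLE_XML.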