139,445 - SMB
Content below is pulled from:
TryHackMe! KENOBI
SMB has two ports, 445 and 139.

Using nmap scripts to enumerate SMB shares and users
nmap -p 139,445 -T4 --script=smb-enum-shares.nse,smb-enum-users.nse <victim_ip>
Using enum4linux to enumerate SMB shares
enum4linux.pl <victim_ip>
Anonymous SMB login
smbclient //<victim_ip>/anonymous
Anonymous SMB login and list available shares
smbclient -N -L //<victim_ip>
Check null session
rpcclient -U "" -N <victim_ip>
Connect to share as null
smbclient -N //<victim_ip>/IPC$
Recursively download SMB share
smbget -R smb://<victim_ip>/anonymous
Last updated
Was this helpful?