+ Reply to Thread
Results 1 to 3 of 3
  1. Junior Member
    Join Date
    Mar 2015
    Location
    North VA, USA
    Posts
    17

    Certifications
    CEH, MCDBA, OCP 10g, 11g
    #1

    Default OSCP newbie and SMB frustration

    I am starting the OSCP on April 18th. Anyone else recently started or going to start in April? I spent the last 2 days trying to get an smb hidden share "attack" to work using ncrack smb_brute and smbclient against a windows xp sp3 VM (website modern.ie) . So far nothing has worked even when I provide the admin username and password!

    XP firewall is disabled. As far as I can see it is because of this setting -->"sharing and security model for local accounts" being set to "guest only local users authenticate as guest".

    This makes it so that linux or windows users can't pass a username to connect to a hidden share. The username field is hard coded to username guest and guest can't access hidden shares. Even though I wasn't able to crack my XP VM yet, I have learned a lot about smb brute force attacks.

    Anyway, It would be good to know who is part of the OSCP class of ~March/April 2015. As some of you already know, it can get really frustrating when you spend a lot of hours and don't reach the root shell. Helping each other to know what to focus on and what may not be worth the time will be very valuable.

    mabraFoo
    BS/MS Computer Science
    15 year MSSQL / Oracle DBA
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #2
    It's very difficult to help without knowing your XP configuration or the syntax you're using during these attacks. The fact that you are failing using valid system credentials makes me think something may be up with your XP configuration or command-line syntax.
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Mar 2015
    Location
    North VA, USA
    Posts
    17

    Certifications
    CEH, MCDBA, OCP 10g, 11g
    #3
    It's all right, I am 99.9 % sure it is caused by this security policy setting -> sharing and security model for local accounts" being set to "guest only local users authenticate as guest". When I try to connect to the C$ hidden share from another xp machine, the guest username is set and is grayed out. The setting forces everyone to connect as the guest user.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks