View Issue Details

IDProjectCategoryView StatusLast Update
0005739Kali LinuxFeature Requestspublic2020-12-01 10:41
ReporterTonghuaRoot Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionopen 
Product Version2019.3 
Summary0005739: It seems that the version bug of smbclient causes no way to enumerate the smb service version.
Description

Hi,Bro

When I use enum4linux,I can't get smb version info,and I get this message:

Use of uninitialized value $os_info in concatenation (.) or string at ./enum4linux.pl line 464.

Then I search some link,like https://github.com/portcullislabs/enum4linux/issues/5,seems is smbclient's bug.

I use this command can't get any thing.

smbclient -W 'MYGROUP' //'192.168.199.230'/ipc$ -U''%'' -c 'q' 2>&1

In bug tracker have link https://bugs.kali.org/view.php?id=4495,the same problem exists,But it doesn't seem to be fixed, in the new version of kali.
The way of modifying the configuration file mentioned in it does not solve the problem.

Use the Metasploit Auxiliary smb_version scanner can do it,but seems it deny in OSCP.

Could you give me some suggestion?

Steps To Reproduce

smbclient -L <target>

ex:
smbclient -L 192.168.199.230

or:
smbclient -W 'MYGROUP' //'192.168.199.230'/ipc$ -U''%'' -c 'q' 2>&1

or:
enum4linux 192.168.199.230

Additional Information

root@kali:~# uname -a
Linux kali 5.2.0-kali2-amd64 0000001 SMP Debian 5.2.9-2kali1 (2019-08-22) x86_64 GNU/Linux
root@kali:~# smbclient -V
Version 4.9.11-Debian
root@kali:~# smbclient -L 192.168.199.230
Server does not support EXTENDED_SECURITY but 'client use spnego = yes' and 'client ntlmv2 auth = yes' is set
Anonymous login successful
Enter WORKGROUP\root's password:

Sharename       Type      Comment
---------       ----      -------
IPC$            IPC       IPC Service (Samba Server)
ADMIN$          IPC       IPC Service (Samba Server)

Reconnecting with SMB1 for workgroup listing.
Server does not support EXTENDED_SECURITY but 'client use spnego = yes' and 'client ntlmv2 auth = yes' is set
Anonymous login successful

Server               Comment
---------            -------
KIOPTRIX             Samba Server

Workgroup            Master
---------            -------
MYGROUP              KIOPTRIX

root@kali:~#

Attached Files
enum4linux_bug.png (198,571 bytes)   
enum4linux_bug.png (198,571 bytes)   

Activities

SecurityWaffle

SecurityWaffle

2019-10-25 15:06

reporter   ~0011223

This bug is caused by a bug in the smbclient package where rpcclient doesn't return any information when enumerating.

g0tmi1k

g0tmi1k

2020-12-01 10:41

administrator   ~0013724

This report has been filed against an old version of Kali. We will be closing this ticket due to inactivity.
Please could you see if you are able to replicate this issue with the latest version of Kali Linux (https://www.kali.org/downloads/)?
If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup?
For more information, please read: https://kali.training/topic/filing-a-good-bug-report/

Issue History

Date Modified Username Field Change
2019-10-13 12:06 TonghuaRoot New Issue
2019-10-13 12:06 TonghuaRoot File Added: enum4linux_bug.png
2019-10-25 15:06 SecurityWaffle Note Added: 0011223
2020-12-01 10:41 g0tmi1k Note Added: 0013724
2020-12-01 10:41 g0tmi1k Status new => closed