Closed 0xchrisb closed 6 years ago
Fix: I would add the "-g" parameter to the smbclient command which provides a better format for parsing and then change the regex in order to parse the new output.
diff --git a/SMBHunt.pl b/SMBHunt.pl
index 723d544..ab7e3c9 100755
--- a/SMBHunt.pl
+++ b/SMBHunt.pl
@@ -69,7 +69,7 @@ BLOCKOUT
open($printOut, ">$outputFile") or die $! if ($outputFile);
my $gotError = 0;
foreach my $a (@ips_with_445) {
- my @output = `smbclient -L $a -N -A $temp_file 2> /dev/null`;
+ my @output = `smbclient -g -L $a -N -A $temp_file 2> /dev/null`;
my $startCapture = 0;
foreach my $b (@output) {
if ($b =~ /NT_STATUS_LOGON_FAILURE/i and !$force) {
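Review bot: `foreach my $a (@ips_with_445)` and `foreach my $b (@output)` lexically shadow Perl's special sort variables `$a` and `$b`; any `sort { $a <=> $b }` evaluated inside these loops will fail to compile, so rename them to something like `$ip` and `$line`. Adding `-g` is the right way to get machine-readable output (one `Type|Name|Comment` record per line), but `$a` and `$temp_file` are still interpolated unquoted into a shell command string, which is only safe while `@ips_with_445` holds validated addresses.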
@@ -86,9 +86,9 @@ BLOCKOUT
}
}
- if ($b =~ /\s+Disk\s+/i or $b =~ /\s+Printer\s+/i) {
- if ($b =~ /^\s+([^\s]+)\s/) {
- my $res = $1;
+ if ($b =~ /^Disk\|/i or $b =~ /^Printer\|/i) {
+ if ($b =~ /^(Disk|Printer)\|(.+)\|(.+)$/) {
+ my $res = $2;
unless ($nohidden and $res =~ /\$/)
{
print $printOut "\\\\$a\\$res\n" if ($printOut);
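Review bot: `^(Disk|Printer)\|(.+)\|(.+)$` requires a non-empty comment field, so a share whose comment is empty (`-g` prints it as `Disk|name|`) is accepted by the outer `^Disk\|` test but then never matches here and is silently dropped. Use `(.*)$` for the comment and `([^|]+)` for the name so a `|` inside a comment cannot shift the capture: `if ($b =~ /^(Disk|Printer)\|([^|]+)\|(.*)$/i) {`.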
@@ -96,8 +96,8 @@ BLOCKOUT
}
}
}
- if (!$noipc and $b =~ /\s+IPC\s+/i) {
- if ($b =~ /^\s+([^\s]+)\s/) {
+ if (!$noipc and $b =~ /^IPC/i) {
+ if ($b =~ /^IPC\|(.+)\|(.+)$/) {
my $res = $1;
unless ($nohidden and $res =~ /\$/)
{
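Review bot: same empty-comment problem as the Disk/Printer branch: `^IPC\|(.+)\|(.+)$` drops an IPC share whose comment field is empty; use `([^|]+)\|(.*)$`. This branch keeps `my $res = $1;` while the Disk/Printer branch switched to `$2`; the difference is correct (only one group precedes the name here) but easy to misread, so capture the type in both regexes so both branches index the name the same way. The outer `^IPC/i` test is also looser than the inner `^IPC\|`; anchoring it on the separator as well keeps the two consistent.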
I merged your fix. Thanks for finding the bug and contributing!
Hi, I noticed that a share containing the following does not get indexed correctly, as the regex in line 89 in https://github.com/Raikia/SMBCrunch/blob/master/SMBHunt.pl terminates at the whitespace:
Files on share: asd asd Foobar
Current output:
\\172.11.132.1\Foobar
\\172.11.132.1\asd
\\172.11.132.1\IPC$
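The `-g` record format that the fix above relies on, as an added example that is not part of SMBCrunch or of the patch in this thread: a stand-alone Perl parser for `smbclient -g -L` share lines (`Type|Name|Comment`) that handles the case from the bug report (a share name containing whitespace) and a share whose comment field is empty. The sample listing is constructed, the `noipc`/`nohidden` options are assumptions modelled on the script's flags, and the hidden-share test here looks for a trailing `$` rather than the script's own `/\$/` check.

```perl
#!/usr/bin/perl
# Added example, not SMBCrunch code: parse `smbclient -g -L <host>` output
# into \\host\share UNC paths. Sample lines below are constructed.
use strict;
use warnings;

# Each share record printed by `smbclient -g` is Type|Name|Comment.
# The name may contain spaces (what the old whitespace regex broke on)
# but never '|'; the comment may be empty or contain anything.
sub parse_smbclient_g {
    my ($host, $lines, %opt) = @_;   # %opt: noipc => 1, nohidden => 1 (assumed)
    my @paths;
    for my $raw (@$lines) {
        (my $line = $raw) =~ s/\r?\n\z//;        # work on a copy, strip newline
        # Anchor on the field separator, not on whitespace.
        next unless $line =~ /^(Disk|Printer|IPC)\|([^|]+)\|(.*)$/i;
        my ($type, $name, $comment) = ($1, $2, $3);
        next if $opt{noipc}    and lc($type) eq 'ipc';
        next if $opt{nohidden} and $name =~ /\$\z/;   # trailing '$' = hidden (assumption)
        push @paths, "\\\\$host\\$name";
    }
    return @paths;
}

# Constructed sample: a share named "asd asd" with an empty comment, a
# normal share, an admin share, a printer, IPC$, and the non-share
# Server/Workgroup records that -g also emits (ignored by the regex).
my @sample = (
    "Disk|asd asd|\n",
    "Disk|Foobar|A test share\n",
    "Disk|C\$|Default share\n",
    "Printer|HP LaserJet|Printer Drivers\n",
    "IPC|IPC\$|IPC Service (Samba)\n",
    "Server|FILESRV|\n",
    "Workgroup|WORKGROUP|FILESRV\n",
);

print "$_\n" for parse_smbclient_g("172.11.132.1", \@sample);
print "--- without IPC or hidden shares ---\n";
print "$_\n" for parse_smbclient_g("172.11.132.1", \@sample, noipc => 1, nohidden => 1);
```

With the sample above the first call yields `\\172.11.132.1\asd asd`, `\\172.11.132.1\Foobar`, `\\172.11.132.1\C$`, `\\172.11.132.1\HP LaserJet` and `\\172.11.132.1\IPC$`; the second drops `C$` and `IPC$`. The `([^|]+)` name capture and `(.*)` comment capture are the two details a greedy `(.+)\|(.+)$` gets wrong: the former keeps a `|` in a comment from shifting the name, the latter keeps an empty comment from discarding the whole record.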