Closed sho-luv closed 8 years ago
Hey @sho-luv
Cannot you do it with CrackMapExec?
If you just want that, or want to play with Impacket and Python all you have to do is:
host
is the target IP or FQDN):s = SMBConnection('*SMBSERVER', host)
s.login(username, password, domain)
C$
share:s.connectTree('C$')
If that call succeeds, you're admin.
If you wrap all that up into a script that take targets and username/passwords that could do what you need.
Again, I'm sure it's already implemented by somebody.
hope this helps
Sweet thanks for the helpful information. Yeah CrackMapExec doesn't distinguish between access and admin access. ... I don't think.
Hey @sho-luv, did you get enough information from the original question? If so please close this issue.
thanks!
Oh yeah sorry. Thanks for the help I submitted a pull request to CrackMapExec using your guidance.
How hard would it be to repurpose the code of psexec.py or smbclient.py to check if a the creds had administrator access to the system. psexec basically already does this I just want to be able to give it a file and instead of it giving me a shell or running commands I want it to tell me the user has admin access to the system share. smblogin.py. I will work on it if nobody else is interested.