Need a simple smb scanner to search windows shares on a network?



Here a very simple script, made with nmap, smbclient and some shell commands.



Usage

Obviously, the scanner uses the same syntax used by nmap:

./smbscanner 192.168.0.*

Dependencies

Just nmap and smbclient, on Ubuntu/Debian:

sudo apt install nmap smbclient

Some highlights

I have used the -oG option in nmap:

-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
and Grepable format, respectively, to the given filename.

after, with grep, cut and uniq i have obtained a list of unique ip with the 445 port opened.

Finally, with xargs i’ve passed the ip list to smbclient with -L option:

-L| — list
This option allows you to look at what services are available on a server.