Skip to content

live smbapi session command

Jump to bottom
skelsec edited this page Apr 14, 2021 · 1 revision

What it does

Enumerates sessions the target(s) using windows API and the current user context.

Remarks

Each target's tcp/445 port will be connected to first and only the ones allowing the TCP connection will be actually enumerated.

Requirements

You might need to be administrator on the remote host for this depending on the settings.

Subcommands

  • enum : Enumerates all shares on the target(s)

Switches

  • -o: Writes the TGT to file in KIRBI format
  • --json : Print credentials in JSON format
  • -f : Targets file, one line per IP or hostname
  • -t : Target IP or hostname
  • --timout : Timeout for each target in seconds
  • --disable-pre-check : Disables pre-check to see if the remote destination is alive. Will make enumeration take years!

Examples

  • pypykatz live smbapi session enum -t 10.10.10.2: Lists all sessions on host 10.10.10.2

Home

Live commands

Platform-independent commands

ConnectionURL

Clone this wiki locally