smbexec

Written because we got sick of Metasploit PSExec getting popped by certain AV's.

Special thanks to Carnal0wnage who's blog inspired us to go this route http://carnal0wnage.attackresearch.com/2012/01/psexec-fail-upload-and-exec-instead.html

-Includes payload & metasploit rc creator based on vanish.sh
-hash-passing patched smbclient to upload payload
-hash-passing patched winexe to run payload

Video of the original POC can be found at http://www.youtube.com/watch?v=o3d0wfGUCWM&feature=plcp

Tested on:
- BackTrack 5R2 - 32 & 64 Bit
- Ubuntu 10.04.4 LTS - 32 & 64 Bit
- Ubuntu 12.04 LTS - 32 & 64 Bit
- Debian 6 - 32 & 64 Bit
- Fedora 16 - 32 & 64 Bit
- Fedora 17 - 32 & 64 Bit

Coming Soon:
Pentoo
Pwnie Express - Pwn Plug 1.1

Happy hunting!

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow smbexec

smbexec Web Site

Other Useful Business Software

Build Securely on AWS with Proven Frameworks

Lay a foundation for success with Tested Reference Architectures developed by Fortinet’s experts. Learn more in this white paper.

Moving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.

Download Now

Rate This Project

User Reviews

Be the first to post a review of smbexec!

Additional Project Details

Operating Systems

Linux

User Interface

Console/Terminal, X Window System (X11)

Registered

2012-06-28

Similar Business Software

StrongDM

StrongDM is a People-First Access platform that gives technical staff a direct route to the critical infrastructure they need to be their most productive. End users enjoy fast, intuitive, and auditable access to the resources they need, and administrators leverage simplified workflows to enhance...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
PathSolutions TotalView

PathSolutions TotalView network monitoring and troubleshooting software bridges the gap between NETWORK MONITORING and TROUBLESHOOTING RESOLUTION telling you WHEN, WHERE and WHY network errors occur. PathSolutions TotalView continuously monitors and tracks the performance of every device and...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
CBT Nuggets

Learning IT doesn’t have to mean boring lectures, the frantic pace of bootcamps, or lots of time away from your job or family. With CBT Nuggets, you can train anytime, anywhere, at your own pace — all from the comfort of your office chair or living room couch. Our training team is made up of...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software