| NAT(1) | General Commands Manual | NAT(1) |
smb-nat - NetBIOS Auditing Tool
smb-nat [-d <debuglevel>] [-o <output>] [-u <userlist>] [-p <passlist>] <address>
smb-nat is a tool written to perform various security checks on systems offering the NetBIOS file sharing service. smb-nat will attempt to retrieve all information availible from the remote server, and attempt to access any services provided by the server.
hostname - "hostname" is added
127.0.0.1-127.0.0.3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3,7,10-20, adds addresses 127.0.0.1 through 127.0.0.3, 127.0.0.7, 127.0.0.10 through 127.0.0.20.
hostname,127.0.0.1-3, adds "hostname" and 127.0.0.1 through 127.0.0.1
All combinations of hostnames and address ranges as specified above are valid.
If no userlist or password list files are specified on the command line, a small set of defaults are used. This list includes the following:
Usernames
"ADMINISTRATOR", "GUEST", "BACKUP",
"ROOT", "ADMIN", "USER", "DEMO",
"TEST", "SYSTEM", "OPERATOR",
"OPER", "LOCAL"
Passwords
"ADMINISTRATOR", "GUEST", "ROOT",
"ADMIN", "PASSWORD", "TEMP",
"SHARE", "WRITE", "FULL", "BOTH",
"READ", "FILES", "DEMO", "TEST",
"ACCESS", "USER", "BACKUP",
"SYSTEM", "SERVER", "LOCAL"
The password guessing routines are written in such a way that all passwords are tried for all usernames. Keep this in mind when using larger lists of passwords and usernames, as the time required increases exponentially with the size of these lists.
This version of smb-nat has been tested against Windows NT 4.0 and various versions of the Samba server written by Andrew Tridgell.
This version of smb-nat has been tested and compiled on the following operating systems: Solaris 2.5, Linux 2.0, FreeBSD 2.1.5, OpenBSD 2.0, BSDI 2.1, Windows NT 4.0, Windows 95
smb-nat, /usr/share/smb-nat/userlist.txt, /usr/share/smb-nat/passlist.txt