Results 1 to 3 of 3

Thread: PTH Attack with patched Samba

  1. #1
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    8

    Default PTH Attack with patched Samba

    Hi,

    I am having trouble configuring samba to work with a pass the hash attack. Was wondering if anyone would be able to lead me in the right direction with this one?

    I have done (in order):
    downloaded samba 3.0.22
    patched the appropriate files
    configured samba (--with-smbmount)
    make + make install
    add the hash to the SMBHASH env variable with export

    When I do the following:
    ./smbmount //target/drive /mnt/target -o username=target-user

    I receive this error:
    params.c:OpenConfFile() - Unable to open configuration file "/usr/local/samba/lib/smb.conf":
    No such file or directory
    Can't load /usr/local/samba/lib/smb.conf - run testparm to debug it
    Password:
    HASH PASS: Substituting user supplied NTLM HASH...
    HASH PASS: Substituting user supplied NTLM HASH...
    HASH PASS: Substituting user supplied LM HASH...
    16526: session setup failed: ERRDOS - ERRnoaccess (Access denied.)
    SMB connection failed


    This is interesting because the smb.conf file is in /etc/samba and not in /usr/.../samba/. So I was wondering if anyone knew how to redirect samba to look in /etc/samba. I don't know if it matters but it should be noted that /etc/smb.conf existed before I installed samba 3.0.22 (was on default install of bt4).

    Also, when I create a mount point (mkdir /mnt/target) and try and mount it (mount /mnt/target) I receive the following error:
    mount: can't find /mnt/target/ in /etc/fstab or /etc/mtab

    Any ideas on this would be appreciated.

    Thanks.

  2. #2
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    8

    Default

    OK, took me quite a while figure this one out but I finally managed to get it working.

    If anyone's interested, I have posted a tutorial on my blog:

    defenceindepth [dot] net

    Hope it helps.

  3. #3
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Did you come across the Pass-The-Hash Toolkit - Docs & Info in your travels?

    Good work on following up though.

    If your mountpoint doesn't exist in the /etc/fstab or mtab's, you need to specify a few more details, mount -t smbfs host:blah and so on.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •