Page tree

Welcome to FreeSoftwareServers Confluence Wiki

Skip to end of metadata
Go to start of metadata
smbstatus --shares

SMB Monitoring Script:

#!/bin/bash

#SMB Mount Monitoring
SMB=($(smbstatus --shares | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b"))

echo "#####################" >> /tmp/hacker.info
echo "SMB Mount(s) Mounted!" >> /tmp/hacker.info
echo "#####################" >> /tmp/hacker.info
for i in "${SMB[@]}"
 do
        echo "#####################" >> /tmp/hacker.info
        echo "HACKER DETECTED W/ IP $i" >> /tmp/hacker.info
        echo >> /tmp/hacker.info
        nbtscan "$i" >> /tmp/hacker.info
        nslookup "$i" >> /tmp/hacker.info
        arp -a "$i" >> /tmp/hacker.info
        echo >> /tmp/hacker.info
done

echo "#####################" >> /tmp/hacker.info
echo "SMB General Information" >> /tmp/hacker.info
echo >> /tmp/hacker.info
echo "smbstatus" >> /tmp/hacker.info
smbstatus >> /tmp/hacker.info
echo >> /tmp/hacker.info
echo "End SMB Information" >> /tmp/hacker.info
echo "#####################" >> /tmp/hacker.info

  • No labels