HTB Academy Footprinting | What version of the SMB server is running on the target system? Submit the entire banner as the answer

I tried several of these components based on the enum below:
SMB v3.1
InFreight SMB v3.1
DEVSMB Wk Sv PrQ Unx NT SNT InlaneFreight SMB server (Samba, Ubuntu)

But non of them worked. Can somebody please give me a hint?
Thanks in advanced!

└──╼ $rpcclient -U “” 10.129.118.234
Password for [WORKGROUP]:
rpcclient $> serverinfo
command not found: serverinfo
rpcclient $> srvinfo
DEVSMB Wk Sv PrQ Unx NT SNT InlaneFreight SMB server (Samba, Ubuntu)
platform_id : 500
os version : 6.1
server type : 0x809a03

└──╼ $smbclient -L //10.129.202.5
Password for [WORKGROUP\vidad]:

    Sharename       Type      Comment
    ---------       ----      -------
    print$          Disk      Printer Drivers
    sambashare      Disk      InFreight SMB v3.1
    IPC$            IPC       IPC Service (InlaneFreight SMB server (Samba, Ubuntu))

SMB1 disabled – no workgroup available

nmap -sC -sV 10.129.118.234 maybe?

2 Likes

Thank you Pedro. Below I found the answer…
nmap -p139,135,445 -sC -sV 10.129.202.5 -Pn
Starting Nmap 7.92 ( https://nmap.org ) at 2022-12-02 10:21 EST
Nmap scan report for 10.129.202.5
Host is up (0.036s latency).

PORT STATE SERVICE VERSION
135/tcp closed msrpc
139/tcp open netbios-ssn Samba smbd 4.6.2
445/tcp open netbios-ssn Samba smbd 4.6.2

1 Like

Please what is the answer. i am stuck too

Hey there! This task has been a time sink for me, and it’s not because I couldn’t find the answer. HTB’s lingo got me: “Submit the entire banner as the answer.” I thought it meant more than just the version. But guess what? Don’t submit the full banner—just the SMB version listed under “VERSION.” Save time and effort, folks! Happy hacking!

1 Like

nmap enumeration of the service helped me…

Hi. Did you get the answer eventually?

nmap returns:

139/tcp open netbios-ssn Samba smbd 4
445/tcp open netbios-ssn Samba smbd 4

answer is Samba smbd 4.6.2. usual htb bullshit.

2 Likes

nmap --script banner 10.x.x.x -p445
telnet 10.x.x.x 445

How is that even a banner? I spent 30 mins for nothing lol. Thank you for saving me.

yeah not sure how come those answers don’t get verified, changed and/or updated when reported. too many of those bs lol. kinda demotivating.