Service Scaning

List the SMB shares available on the target host. Connect to the available share as the bob user. Once connected, access the folder called ‘flag’ and submit the contents of the flag.txt file.

what is password of bob ? ???

Capture

what is password ?

did you try --no-pass?
No idea what module you’re trying since I don’t see one named “service scanning” though.

this is section in module Getting Started

1 Like

it’s in the module

i can not imagine how i did not see it … Thank you so much

no problem. happens to everyone

Hello All! I am struggling to get the flag.txt file for the 3rd question under service scanning in the Getting Started module. I have got down the smbclient -U bob \\10.129.86.123\users and ls i see flag is a directory I cd flag and I see the flag.txt! but then when I try get flag.txt I see error opening local file flag.txt. Anyone know what I am missing and will I end up downloading it to the parrot desktop because there isn’t cat command under smbclient?

OK found out that it is cd flag and then more flag.txt for the answer.

Quite helpful thread, thanks guys.

I have tried the same password “Welcome1” but it still shows "session setup failed: NT_STATUS_LOGON_FAILURE "

Any idea why the password is not working ?

Welcome1

I input “Welcome1” password and status error still pops up I need some help…

1 Like

Hi Mohamed,

It is same password “Welcome1”. I try to brute-force before the user bob with no chance. Just do one thing. use your own VM of parrot instead of using The in-browser version, or Pwnbox. I faced the same issue and I though the issue is wrong password but in reality it is not. just copy password in notepad then fire the terminal and connect to the share with bob user then copy the password and click edit in terminal then choose paste. Avoid using the machine " in-browser version"

I was also getting same error but tried it with different tool smbmap and it worked.

smbmap -u bob -p Welcome1 -R -H 10.129.xx.xx -A 'flag.txt’

-R to recursive search across all folders and -A uses regex to locate the file and automatically download it.