cifs – WindowsTechs.com

Serious Security: The Samba logon bug caused by outdated crypto

Posted on January 30, 2023 by Paul Ducklin

Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important! Continue reading Serious Security: The Samba logon bug caused by outdated crypto→

Can SMB/CIFS credentials be extracted from Linux?

Posted on August 31, 2021 by Bob

On a penetration test, I have completely compromised a Linux machine and I am now trying to move around the network. The Linux machine has a mounted CIFS share, and I want to get the password used to connect to that share, because I think … Continue reading Can SMB/CIFS credentials be extracted from Linux?→

How to gain code execution through access to CIFS service on Windows?

Posted on March 20, 2021 by PaperTsar

Is it possible to gain code execution on a machine through access to CIFS service? And if so, how? In my case, I have a valid Kerberos TGS to CIFS service running on a host and I am able to copy and download files. I want to get a shell au… Continue reading How to gain code execution through access to CIFS service on Windows?→

mount CIFS shares on Linux by passing the hash

Posted on July 19, 2018 by user1330734

While security testing an SMB network, I use the following commands with AD username and password credentials to perform audits on shares from within a Linux environment.

SMBHOST=”
SMBUSER=”
SMBPASS=”
… Continue reading mount CIFS shares on Linux by passing the hash→

VU#974272: Microsoft Outlook retrieves remote OLE content without prompting

Posted on April 10, 2018 by CERT

When a Rich Text(RTF)email is previewed in Microsoft Outlook,remotely-hosted OLE content is retrieved without requiring any additional user interaction. This can leak private information including the user’s password hash,which may be cracked by an attacker. Continue reading VU#974272: Microsoft Outlook retrieves remote OLE content without prompting→

SMB/CIFS security in heterogeneous environment

Posted on July 7, 2017 by Suncatcher

Suppose I have several machines both Linux and Windows I want to connect to each other for file-sharing. Now I use mount -cifs command with vers=3.0 clause to access Windows shares from my Linux machines

mount -t cifs -o credentials=/etc/credentials.cred,vers=3.0,uid=1000,gid=1000 //192.168.137.1/folder /media/folder

and I also use standard Windows SMB/CIFS functionality to access Linux shares from Windows 10. What bothers me is the efficiency of such configuration.

I know that I can utilize encryption and signing in Windows, e.g. via Set-SmbServerConfiguration –RejectUnencryptedAccess $false, and I also know I can do this in Linux via smb.conf.

The question is: what is the most secure way to organize dual-way Samba sharing between Linux and Windows? Should I set up Linux as a server and Windows as client or vice versa?

It bothers me because of recent ransomware epidemic and impossibility to prohibit SMBv1 in Windows in such mixed heterogeneous landscape. When I turn off SMB/CIFS like this, my Linux boxes cannot access Windows boxes anymore.

Continue reading SMB/CIFS security in heterogeneous environment→