Enumerate anonymous logon
Using a random username and password you can check if the target accepts annonymous logon
Make sure the password is empty
1
cme smb 10.10.10.178 -u 'a' -p ''
Copied!
You can also check this behavior with smbclient or rpcclient
1
smbclient -N -L \\10.10.10.178
2
rpcclient -N -L 10.10.10.178
Copied!
Network access: Shares that can be accessed anonymously
docsmsft

Example

Nest machine is a good example of anonymous logon with CrackMapExec
https://www.hackthebox.eu/home/machines/profile/225
www.hackthebox.eu
Last modified 1yr ago
Copy link
Contents
Example