## https://sploitus.com/exploit?id=BA90AD9D-DDDA-5933-9668-06DF9BBEAD04
# Samba smbd 3.xโ4.x Exploitation using Metasploit
## Project Overview
This project demonstrates the identification and exploitation of a vulnerable **Samba smbd service (versions 3.xโ4.x)** running on a Linux system using the **Metasploit Framework**. The target system is *Metasploitable2*, an intentionally vulnerable virtual machine used for security training and research.
The objective of this project is to simulate a **real-world internal network penetration test**, gain unauthorized access to the target system, and perform post-exploitation activities to assess the impact of the vulnerability.
---
## Objectives
- Perform reconnaissance to identify exposed network services
- Detect a vulnerable Samba (SMB) service
- Exploit the vulnerability using Metasploit
- Obtain remote access to the target system
- Conduct post-exploitation enumeration
- Demonstrate the security impact and provide remediation steps
---
## Tools & Technologies Used
- **Kali Linux**
- **Metasploit Framework**
- **Nmap**
- **VMware Workstation**
- **Metasploitable2 (Target Machine)**
---
## Lab Environment
1. Attacker - Kali Linux (192.168.227.128)
2.Target - Metasploitable2 (192.168.227.131)
The lab was configured in a controlled virtual environment for educational and ethical testing purposes only.
---
## Attack Summary
1. Conducted network scanning using Nmap to identify open ports and services
2. Discovered Samba service running on port **139**
3. Identified vulnerable Samba smbd version
4. Selected an appropriate Metasploit exploit module
5. Successfully gained a remote session on the target system
6. Performed post-exploitation enumeration:
- Process inspection
- File system access
- Access to sensitive system files such as `/etc/shadow`
7. Analyzed the security impact and documented mitigation steps
---
## Project Structure
โโโ README.md
โโโ lab-setup/
โโโ reconnaissance/
โโโ exploitation/
โโโ post-exploitation/
โโโ mitigation/
โโโ screenshots/
Each folder represents a **phase of a penetration test**, documented using Markdown files with supporting screenshots.
---
## Impact of the Vulnerability
Successful exploitation of the Samba service allows an attacker to:
- Gain unauthorized access to the system
- Read sensitive files such as password hashes
- Enumerate users and running processes
- Potentially escalate privileges
- Move laterally within an internal network
---
## Mitigation & Defense
Mitigation techniques are documented in the `mitigation/` directory and include:
- Updating Samba to a patched version
- Disabling unused SMB services
- Restricting SMB access via firewall rules
- Monitoring SMB-related logs for suspicious activity
---
## Learning Outcomes
- Hands-on experience with internal network exploitation
- Understanding of Samba/SMB security risks
- Practical use of Metasploit in real attack scenarios
- Exposure to post-exploitation techniques
- Improved reporting and documentation skills
---
## Legal & Ethical Disclaimer
-This project was conducted **strictly in a controlled lab environment** for educational purposes.
---
## Author
**Abhijeet Dhadve**
Cybersecurity Enthusiast | Ethical Hacking | Penetration Testing