So you’ve run NMap and you have ports 137-139 or 445 open. This will likely show as being Netbios as the service and Samba as the version.
Banner Grabbing with SMBclient
Banner Grabbing is essentially getting more information about the technology and software versions behind the application you are attempting to exploit.
To attempt a banner grab using SMBClient enter the following into the terminal
smbclient -L //IP.Ad.dr.ess
This will then prompt the user for a password, press return if you suspect there is no password.
smbclient -L //IP.Ad.dr.ess -N
The -N indicates that you do not have a root user and will attempt to connect.
NMap script to scan for SMB Information
The following script allows you to scan the file share to discover more about the hardware and software on which it is running.
Download the script from here:
Drop the script into the NMap script directory:
Execute the following command in the terminal
nmap --script smb-os-discovery.nse -p 445 IP.Ad.dr.ess
Remember to change the -p port to the port number of the samba share.
The script is not absolutely guaranteed to work – so do not necessarily assume. I have found it will work on some netbios / samba on some targets but by no means all of them.