Samba_3.x_4.x_exploit (SMB 'username map script')

A python version of a Metasploit module that exploit "Samba username map script Command Execution", I created this script to avoid using Metasploit, because it's not useful for the lab 👾

𝗢𝗳𝗳𝗶𝗰𝗶𝗮𝗹 𝗱𝗲𝘀𝗰𝗿𝗶𝗽𝘁𝗶𝗼𝗻 𝗼𝗳 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆:

This module exploits a command execution vulnerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default "username map script" configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands. No authentication is needed to exploit this vulnerability since this option is used to map usernames prior to authentication! (source: https://www.rapid7.com/db/modules/exploit/multi/samba/usermap_script).

Requirements:

⟶ Python2

⟶ Pysmb module:

pip install --user pysmb