Difference between revisions of "SMB"
| (4 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | [[File:SMB-deployment-channel.png|thumb|180px|Printing over SMB]] | |
| − | + | Server Message Block (SMB) is an application-layer network protocol for file and printer sharing originally developed by IBM in the mid-80s. It is the default method used by Windows based computers to share files and printers <ref>''[https://technet.microsoft.com/en-us/library/cc939973.aspx Common Internet File System]'', Microsoft TechNet Library</ref>. A free implementation is available with the [https://en.wikipedia.org/wiki/Samba_%28software%29 Samba] project. Some network printers bring their own SMB server – usually running on port 445/tcp – which, just like to [[LPD]], [[IPP]] and [[raw]] port 9100 printing, can be abused as a carrier for malicious PostScript or PJL files. In the Windows world, printing directly (without any ‘printer drivers’ interfering and converting the file) to a shared printer can be done as follows: | |
| − | + | C:\> copy /b file \\server\share | |
| − | + | ...where <code>server</code> is either the printer itself, if it supports direct printing over SMB, or a separate computer system connected to the device and <code>share</code> is the name of the printer share. In the UNIX world, directly sending a file to an SMB printer share can be achived with the ''smbclient'' or the ''smbspool'' command from the samba(7) suite: | |
| − | + | ||
| + | smbclient [-N|-U user] //server/share -c "print file" | ||
| + | smbspool smb://[user:pass]@server/share 0 user title 1 "" file | ||
| − | + | → ''Related articles:'' [[Fundamentals#High-level_overview|Fundamentals]], [[Attack carriers]] | |
| − | + | ||
| − | → ''Related | + | |
---- | ---- | ||
Latest revision as of 09:29, 31 January 2017
Server Message Block (SMB) is an application-layer network protocol for file and printer sharing originally developed by IBM in the mid-80s. It is the default method used by Windows based computers to share files and printers [1]. A free implementation is available with the Samba project. Some network printers bring their own SMB server – usually running on port 445/tcp – which, just like to LPD, IPP and raw port 9100 printing, can be abused as a carrier for malicious PostScript or PJL files. In the Windows world, printing directly (without any ‘printer drivers’ interfering and converting the file) to a shared printer can be done as follows:
C:\> copy /b file \\server\share
...where server is either the printer itself, if it supports direct printing over SMB, or a separate computer system connected to the device and share is the name of the printer share. In the UNIX world, directly sending a file to an SMB printer share can be achived with the smbclient or the smbspool command from the samba(7) suite:
smbclient [-N|-U user] //server/share -c "print file" smbspool smb://[user:pass]@server/share 0 user title 1 "" file
→ Related articles: Fundamentals, Attack carriers
- ↑ Common Internet File System, Microsoft TechNet Library
