cover of episode Lucas Morris and Michael McAtee - ShareEnum: We Wrapped Samba So You Don’t Have To

Lucas Morris and Michael McAtee - ShareEnum: We Wrapped Samba So You Don’t Have To

2014/12/13
logo of podcast DEF CON 22 [Materials] Speeches from the Hacker Convention.

DEF CON 22 [Materials] Speeches from the Hacker Convention.

Frequently requested episodes will be transcribed first

Shownotes Transcript

Slides Here: https://www.defcon.org/images/defcon-22/dc-22-presentations/Morris-McAtee/DEFCON-22-Lucas-Morris-Michael-McAtee-ShareEnum-We-Wrapped-Samba.pdf

ShareEnum: We Wrapped Samba So You Don’t Have To Lucas Morris MANAGER, CROWE HORWATH Michael McAtee SENIOR CONSULTANT, CROWE HORWATH CIFS shares can tell you a lot about a network, including file access, local administrator access, password reuse, etc.. Until now most people have relied on add-ons to scanning tools to implement Microsoft’s complicated network APIs. Some tools wrap existing clients, such as smbclient, or use RPC calls; however, this is inefficient. What we need is a scanner that utilizes the closest thing we can get to Microsoft’s SMB libraries to scan network shares efficiently and quietly. ShareEnum uses the underlying Samba client libraries to list shares, permissions, and even recurse down file trees gathering information including what is stored in each directory.

Lucas is a manager responsible for leading application security assessments and penetration testing services to various clients at Crowe Horwath LLP. Lucas is responsible for developing the methodology infrastructure reviews, penetration testing services and to aid clients in developing strategies for secure technologies within corporate environments. He also focuses on developing new tools, resources, and research within the Crowe Technology Risk consulting group. For the past seven years Lucas has been working on penetration testing, security program design, application security testing, and information security assessment testing annually.

Michael is a senior security consultant at Crowe Horwath and responsible for management of Crowe's Security Penetration & Forensics labs. With a passion for programming and security, Michael has been involved in developing security tools for automation and assessment needs at Crowe. Michael's experience includes enterprise Windows administration, enterprise network design, penetration testing, and security consulting and is part of over 35 security engagements annually.