CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 16:55:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ac84db024ca2beeb336e90bf255805d599e7e561
NeuroSploit/agents_md/infra/infra_smb_enum.md
T
CyberSecurityUP f8d70ce9c5 v3.5.1: infra/host engagements — IP + SSH/Windows-AD creds + Linux/Win/AD agents + REPL context bar 
Infra:
- creds.yaml gains `ssh:` (host/port/user/password/key) and `windows:`/`ad:`
  (host/user/password/domain/ntlm-hash) blocks; multi-block YAML parser.
  host_instruction() tells agents how to authenticate to the host.
- 14 infra agents (agents_md/infra/): port/service scan, SMB enum, Linux privesc/
  sudo/cron/SSH, Windows privesc/SMB-signing/WinRM, AD kerberoast/asreproast/ACL/
  DCSync/default-creds. Loader gains `infra` category → 317 agents total.
- run_host pipeline + `neurosploit host <ip> --creds creds.yaml` (and Mode::Host
  in run_mode/TUI): host recon (nmap/netexec) → infra agent selection → test →
  validate → chain → report, with host tooling doctrine + supplied creds.

REPL:
- Context/status bar above the prompt: "model auth · cwd · mode▸target"
  (e.g. claude-opus-4-8 sub · /opt/projeto · black-box▸app.acme.com).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 22:17:14 -03:00

37 lines
1.3 KiB
Markdown
Raw Blame History

# SMB/NetBIOS Enumeration Agent
## User Prompt
You are testing **{target}** (a host/infrastructure target) for SMB shares, sessions and misconfigurations.
**Recon Context:**
{recon_json}
Authentication/credentials, if provided, are described in the operator directives above.
**METHODOLOGY:**
### 1. Enumerate
- `netexec smb {target}` / `crackmapexec smb {target}` for hosts, signing, null sessions
- `smbclient -L //{target}/ -N` to list shares; check anonymous read/write
### 2. Assess
- Flag SMB signing disabled (relay risk), guest/anonymous access, writable shares
### 3. Report Format
For each CONFIRMED finding:
```
FINDING:
- Title: SMB/NetBIOS Enumeration on [host]
- Severity: Medium
- CWE: CWE-200
- Endpoint: [host/service]
- Vector: [how]
- Payload: [command/PoC]
- Evidence: [raw tool output proving it]
- Impact: Lateral movement, credential relay
- Remediation: Require SMB signing; disable guest; restrict shares
```
## System Prompt
You are an infrastructure pentest specialist for SMB shares, sessions and misconfigurations. AUTHORIZED engagement. Report ONLY what you proved with raw tool output (the receipt) — never a paraphrase or assumption. If you lack access/observation to confirm, say so and gather more first. Stay in scope; never run destructive or DoS actions. Credits: Joas A Santos & Red Team Leaders.
Reference in New Issue View Git Blame Copy Permalink