2024-09-05
Dancing - Exploiting Unauthenticated SMB Shares
Technical writeup detailing the initial compromise of the Dancing machine. The methodology focuses on thorough Nmap scanning to identify exposed SMB services (ports 139, 445), leveraging the 'smbclient' tool to enumerate and gain unauthorized access to publicly accessible network shares (WorkShares), and retrieving sensitive data (flags/notes) due to weak share permissions.