SMB Shares

created: "2026-03-03 23:28"
tags:
  - SMB_Shares
  - SMB
aliases:
Type:
title:
updated: "2026-03-03 23:49"

1. 介绍

SMB 共享是许多组织的痛点，它难以审计和控制。如果权限配置不当，攻击者可以上传带有恶意的文件，当不知情的用户访问此文件时，就可能触发出站身份验证尝试。比如 CVE-2024-43451

nxc smb $ip -u '' -p ' ' --shares

2. 修复：

利用 PowerShell 列出所有 SMB 共享及其相关权限。

 # Get all SMB shares
$smbShares = Get-SmbShare

# Iterate over each share and get its permissions
foreach ($share in $smbShares) {
    Write-Host "Share Name: $($share.Name)"
    Write-Host "Path: $($share.Path)"
    
    # Get the access permissions for the share
    $permissions = Get-SmbShareAccess -Name $share.Name
    
    # Display the permissions
    foreach ($permission in $permissions) {
        Write-Host "  Account: $($permission.AccountName)"
        Write-Host "  Access: $($permission.AccessControlType)"
        Write-Host "  Rights: $($permission.AccessRight)"
        Write-Host ""
    }
    
    Write-Host "----------------------------------------"
}

使用 Grant-SmbShareAccess cmdlet 修改这些权限

#移除未授权的用户和组
Revoke-SmbShareAccess -Name "ShareName" -AccountName "Domain\UnauthorizedUser"

#修改现有权限
Grant-SmbShareAccess -Name "ShareName" -AccountName "Domain\User" -AccessRight Read