nuclei-templates/javascript/enumeration/smb/smb-enum-domains.yaml

id: smb-enum-domains

info:
  name: SMB - Enum Domains
  author: DhiyaneshDK
  severity: info
  description: |
    SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities.
  reference:
    - https://nmap.org/nsedoc/scripts/smb-enum-domains.html
  metadata:
    verified: true
    max-request: 1
    shodan-query: port:445
    product: dionaea
    vendor: dionaea
  tags: js,network,smb,enum

javascript:
  - pre-condition: |
      isPortOpen(Host,Port);
    code: |
      var m = require("nuclei/smb");
      var c = new m.SMBClient();
      var response = c.ListSMBv2Metadata(Host, Port);
      Export(response);

    args:
      Host: "{{Host}}"
      Port: "445"
    matchers:
      - type: dsl
        dsl:
          - "len(DNSDomainName) != 0"

    extractors:
      - type: json
        internal: true
        name: DNSDomainName
        json:
          - '.DNSDomainName'

      - type: json
        json:
          - '"DomainName: "+ .DNSDomainName '
# digest: 4b0a00483046022100fe17d4640cbdd92068ad03e6b784cc95928887776173f7cdc8fc3dc8736fe948022100e4151a5f3022a37819797845e756e78744616ea564461dc2f37f688d53b2e4dc:922c64590222798bb761d5b6d8e72950
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`id: smb-enum-domains`

			`info:`
			`name: SMB - Enum Domains`
			`author: DhiyaneshDK`
			`severity: info`
			`description: \|`
TemplateMan Update [Sat Mar 23 09:28:19 UTC 2024] :robot: 2024-03-23 09:28:19 +00:00			`SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities.`
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`reference:`
			`- https://nmap.org/nsedoc/scripts/smb-enum-domains.html`
			`metadata:`
			`verified: true`
			`max-request: 1`
			`shodan-query: port:445`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`product: dionaea`
			`vendor: dionaea`
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`tags: js,network,smb,enum`
JS pre-condition - update 2024-07-10 12:08:01 +00:00
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`javascript:`
JS pre-condition - update 2024-07-10 12:08:01 +00:00			`- pre-condition: \|`
			`isPortOpen(Host,Port);`
			`code: \|`
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`var m = require("nuclei/smb");`
minor changes 2024-03-15 06:18:12 +00:00			`var c = new m.SMBClient();`
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00			`var response = c.ListSMBv2Metadata(Host, Port);`
minor - changes 2024-03-09 18:32:19 +00:00			`Export(response);`
Adding new templates from Unreleased Templates Repo 2024-03-09 14:23:42 +00:00
			`args:`
			`Host: "{{Host}}"`
			`Port: "445"`
			`matchers:`
			`- type: dsl`
			`dsl:`
			`- "len(DNSDomainName) != 0"`

			`extractors:`
			`- type: json`
			`internal: true`
			`name: DNSDomainName`
			`json:`
			`- '.DNSDomainName'`

			`- type: json`
			`json:`
			`- '"DomainName: "+ .DNSDomainName '`
Auto Template Signing [Wed Jul 10 12:45:27 UTC 2024] :robot: 2024-07-10 12:45:27 +00:00			`# digest: 4b0a00483046022100fe17d4640cbdd92068ad03e6b784cc95928887776173f7cdc8fc3dc8736fe948022100e4151a5f3022a37819797845e756e78744616ea564461dc2f37f688d53b2e4dc:922c64590222798bb761d5b6d8e72950`