I'm trying to get my attack vectors straight for gaining execution on a pc on a network with a server with open SMB shares. I have Guest access to a share on a server (so i can write and read files in a directory). But I'm trying to gain a shell on either that system or another system on the network with login credentials for that machine.
So far i see it as i have 3 options:
1) upload an executable and run on a computer with administrator credentials for the server.
2) Brute force the credentials for an administrator account.
3) Sniff the credentials for a privileged account and use those.
The first i can do easily.
The second I have no idea how to do but want to learn how to do well.
And the third i again have basic knowledge of but not sniffing these particular credentials/hashes.
Edited by stormaes, 03 January 2012 - 01:11 AM.