FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Domains.

Last update: Jan 03, 2023

Overview

FindUncommonShares

The script FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Domains.

Features

Automatically gets the list of all computers from the domain controller's LDAP.
Multithreaded search.
JSON export of the found shares, with IP, name, comment, flags and UNC path.

Usage

$ ./FindUncommonShares.py -h                                                                  
Impacket v0.9.24.dev1+20210906.175840.50c76958 - Copyright 2021 SecureAuth Corporation

usage: FindUncommonShares.py [-h] [-ts] [--use-ldaps] [-q] [-debug] [-t THREADS] [-o OUTPUT_FILE] --dc-ip ip address [-d DOMAIN] [-u USER]
                             [--no-pass | -p PASSWORD | -H [LMHASH:]NTHASH | --aes-key hex key] [-k]

Find uncommon SMB shares on remote machines.

optional arguments:
  -h, --help            show this help message and exit
  -ts                   Adds timestamp to every logging output
  --use-ldaps           Use LDAPS instead of LDAP
  -q, --quiet           show no information at all
  -debug                Debug mode
  -t THREADS, --threads THREADS
                        Number of threads (default: 5)
  -o OUTPUT_FILE, --output-file OUTPUT_FILE
                        Output file to store the results in. (default: shares.json)

authentication & connection:
  --dc-ip ip address    IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted it will use the domain part (FQDN)
                        specified in the identity parameter
  -d DOMAIN, --domain DOMAIN
                        (FQDN) domain to authenticate to
  -u USER, --user USER  user to authenticate with

  --no-pass             don't ask for password (useful for -k)
  -p PASSWORD, --password PASSWORD
                        password to authenticate with
  -H [LMHASH:]NTHASH, --hashes [LMHASH:]NTHASH
                        NT/LM hashes, format is LMhash:NThash
  --aes-key hex key     AES key to use for Kerberos Authentication (128 or 256 bits)
  -k, --kerberos        Use Kerberos authentication. Grabs credentials from .ccache file (KRB5CCNAME) based on target parameters. If valid credentials
                        cannot be found, it will use the ones specified in the command line

Examples :

[]$ ./FindUncommonShares.py -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
Impacket v0.9.24.dev1+20210906.175840.50c76958 - Copyright 2021 SecureAuth Corporation

[>] Extracting all computers ...
[+] Found 2 computers.
[>] Enumerating shares ...
[>] Found uncommon share 'Users' on 'DC01.LAB.local'
[>] Found uncommon share 'WeirdShare' on 'DC01.LAB.local' (comment: 'Test comment')
[>] Found uncommon share 'AnotherShare' on 'PC01.LAB.local'
[>] Found uncommon share 'Users' on 'PC01.LAB.local
[]$

Results are exported in JSON entries:

{"sharename": "Users", "uncpath": "\\\\192.168.2.1\\Users\\", "computer": "DC01.LAB.local", "comment": "", "type": {"stype_value": 0, "stype_flags": ["STYPE_DISKTREE", "STYPE_SPECIAL", "STYPE_TEMPORARY"]}}
{"sharename": "WeirdShare", "uncpath": "\\\\192.168.2.1\\WeirdShare\\", "computer": "DC01.LAB.local", "comment": "Test comment", "type": {"stype_value": 0, "stype_flags": ["STYPE_DISKTREE", "STYPE_SPECIAL", "STYPE_TEMPORARY"]}}
{"sharename": "AnotherShare", "uncpath": "\\\\192.168.2.11\\AnotherShare\\", "computer": "PC01.LAB.local", "comment": "", "type": {"stype_value": 0, "stype_flags": ["STYPE_DISKTREE", "STYPE_SPECIAL", "STYPE_TEMPORARY"]}}
{"sharename": "Users", "uncpath": "\\\\192.168.2.11\\Users\\", "computer": "PC01.LAB.local", "comment": "", "type": {"stype_value": 0, "stype_flags": ["STYPE_DISKTREE", "STYPE_SPECIAL", "STYPE_TEMPORARY"]}}

Each JSON entry looks like this:

{
  "sharename": "AnotherShare",
  "uncpath": "\\\\192.168.2.11\\AnotherShare\\",
  "computer": "PC01.LAB.local",
  "comment": "",
  "type": {
    "stype_value": 0,
    "stype_flags": [
      "STYPE_DISKTREE",
      "STYPE_SPECIAL",
      "STYPE_TEMPORARY"
    ]
  }
}

Colored output

You can print results with colors using the -colors option:

Credits

Feature suggested in impacket issue #1176 by @CaledoniaProject

Utils to quickly evaluate many 🤗 models on the GLUE tasks

1 Dec 22, 2021

addons to the turtle package that help you drew stuff more quickly

TurtlePlus addons to the turtle package that help you drew stuff more quickly --------------

1 Nov 18, 2021

Hspice-Wave-Generator is a tool used to quickly generate stimuli souces of hspice format

Hspice-Wave-Generator is a tool used to quickly generate stimuli souces of hspice format. All the stimuli sources are based on `pwl` function of HSPICE and the specific complex operations of writing hspice description are encapsulated and the user only needs to provide the array input.

3 Aug 2, 2022

A tool to quickly create codeforces contest directories with templates.

Codeforces Template Tool I created this tool to help me quickly set up codeforces contests/singular problems with templates. Tested for windows, shoul

1 Jun 2, 2022

Automatically find solutions when your Python code encounters an issue.

What The Python?! Helping you find answers to the errors Python spits out. Installation You can find the source code on GitHub at: https://github.com/

139 Dec 14, 2022

A practice program to find the LCM i.e Lowest Common Multiplication of two numbers using python without library.

Finding-LCM-using-python-from-scratch Here, I write a practice program to find the LCM i.e Lowest Common Multiplication of two numbers using python wi

4 Sep 24, 2021

Some Python scripts that fx(hash) users might find useful.

fx_hash_utils Some Python scripts that fx(hash) users might find useful. get_images This script downloads all the static images of the tokens generate

30 Oct 5, 2022

A simple python project that can find Tangkeke in a given image.

A simple python project that can find Tangkeke in a given image. Make the real Tangkeke image as a kernel to convolute the target image. The area wher

1 Dec 8, 2021

A python script developed to process Windows memory images based on triage type.

Overview A python script developed to process Windows memory images based on triage type. Requirements Python3 Bulk Extractor Volatility2 with Communi

245 Nov 24, 2022

FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Domains.

Related tags

Overview

FindUncommonShares

Features

Usage

Examples :

Colored output

Credits

You might also like...

Utils to quickly evaluate many 🤗 models on the GLUE tasks

addons to the turtle package that help you drew stuff more quickly

Hspice-Wave-Generator is a tool used to quickly generate stimuli souces of hspice format

A tool to quickly create codeforces contest directories with templates.

Automatically find solutions when your Python code encounters an issue.

A practice program to find the LCM i.e Lowest Common Multiplication of two numbers using python without library.

Some Python scripts that fx(hash) users might find useful.

A simple python project that can find Tangkeke in a given image.

A python script developed to process Windows memory images based on triage type.

Releases(2.4)

2.4(Dec 14, 2022)

2.3(Sep 24, 2022)

2.2(Sep 21, 2022)

2.1(May 25, 2022)

2.0(Feb 18, 2022)

1.6(Jan 30, 2022)

1.5(Oct 8, 2021)

1.4(Oct 7, 2021)

1.3(Oct 7, 2021)

1.1(Oct 6, 2021)

1.0(Oct 6, 2021)

Owner

Podalirius

Improved version calculator, now using while True and etc

This is the course repository for the Spring 2022 iteration of MACS 30123 "Large-Scale Computing for the Social Sciences" at the University of Chicago.

Would upload anything I do with/related to brainfuck

Python communism - A module for initiating the communist revolution in each of our python modules

A server shell for you to play with Powered by Django + Nginx + Postgres + Bootstrap + Celery.

tgEasy | Easy for a Brighter Shine | Monkey Patcher Addon for Pyrogram

Use a real time weather API to apply wind to your mouse cursor.

A numbers extract from string python package

uMap lets you create maps with OpenStreetMap layers in a minute and embed them in your site.

Auto-ropper is a tool that aims to automate the exploitation of ROP.

A replacement of qsreplace, accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

Store Simulation

A simple desktop application to scan and export Genshin Impact Artifacts.

Final Fantasy XIV Auto House Clicker

🔤 Measure edit distance based on keyboard layout

My collection of mini-projects in various languages

Converts a base copy of Pokemon BDSP's masterdatas into a more readable and editable Pokemon Showdown Format.

AdventOfCode 2021 solutions from the Devcord server

A python package for bitclout.

Blender addon for executing the operator in response to the received OSC message.