Windows Scan authenticated SMB Scan

pat1990 · July 12, 2023, 7:27am

Hello,

i am a newbie and try to scan authenticated smb scan on windows Workgroup Server.
For me it’s a test to try out the software from Greenbone.
I have installed the Community Container from Greenbone Community Containers 22.4 - Greenbone Community Documentation
and created my first report with authenticated smb scan.
I have not the feeling that it works correctly.
I deployed a Windows Server 2022 21H2 and installed the Credential.exe on the Windows Server.
After i started a scan, i got no vulns. only 15 Logs and 1 medium and 1 low vulns.
I installed wireshark to capture the SMB2 Traffic and see following statement:
Status_Logon_type_Not_Granted. I have googled for it and found a solution (Allow log on locally) for this but it doesn’t works.
I thought it was the default administrator account, that i have created a new user, but i get the same error.
Have anyone a solution for this issue?

Best regards,
Patrick

nfenech · July 14, 2023, 1:33am

Hi there,

Are you using the docker containers, and scanning a Windows server?

Make sure you have a domain account that has access to the server you’re scanning. And that you have that saved in the credentials section.
It has to be saved with Username: <user>. Then the Password.

Then when you set up your target, you can use the saved creds for SMB scanning.

Hopefully that helps.

rippledj · July 14, 2023, 3:08am

Hello, you can try read the docs about this topic:

Requirements On Target Systems With Microsoft Windows