ABOUT

SMB, or Server Message Block, is a client/server protocol that allows sharing of network resources over TCP/IP. Users or applications use an SMB client (such as Samba) to send SMB requests to a remote SMB server, providing CRUD (create, read, update, delete) capabilities on the shared resources.

SMB can be used directly with TCP/IP as well as other networking protocols, but this is outwith the scope of the current lesson. Might be worth some further research later!

For the purposes of this lesson, the point is mainly that if a target host has an open SMB port, we may be able to exploit that to gain access to directories, devices and files that we shouldn't have, and to leverage any information gained in our exploitation phase.

PORT

SMB is commonly found on two ports: 139 and 445.

It was originally on 139, and ported over to 445 by Microsoft in an attempt to improve the protocol, part of which included a rename to CIFS, Common Internet File System. In this regard, SMB and CIFS can often be found used interchangeably.

ENUMERATION

As with most other things related to CyberSec and Pentesting, there are several approaches that can be used to enumerate and fingerprint details of SMB shares.

  1. Metasploit - There are several auxiliary scanner modules within Metasploit.
  2. Enum4Linux - This tool ships with Kali and can be used to gather some SMB information.
  3. Other - Plenty of other options exist!

Metasploit Approach

Launch Metasploit with command msfconsole in terminal.

Search for SMB scanner modules with command search scanner/smb.

To enumerate the SMB version, use auxiliary/scanner/smb/smb_version.

To get more details on the module being used, command info is our friend.

To learn which options we have available to set, use options. This will tell us, for example, that we can set RHOSTS (the remote host or hosts to scan) and which particular options are mandatory/required.

It's all ready! Enter run and see what comes back! (In this case, hopefully an SMB version!).
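The interactive steps above can also be captured in a Metasploit resource script so the same enumeration is repeatable in a lab. The following script is an added example, not part of the original lesson: it writes the lesson's commands (use the module, show info and options, set RHOSTS, run) into an .rc file and hands it to msfconsole via its -r flag if one is installed. The target address 192.0.2.10 is a placeholder from the documentation address range; replace it with a host in your own lab.

```shell
#!/usr/bin/env bash
# Added example: turn the msfconsole steps from the lesson into a
# resource script so the SMB version enumeration can be re-run the same
# way each time. Assumes the standard Metasploit module name
# auxiliary/scanner/smb/smb_version and the RHOSTS option it exposes.

# write_smb_version_rc <rhosts> <outfile>
# Emits the commands the lesson types interactively, in the same order.
write_smb_version_rc() {
    rhosts="$1"
    outfile="$2"
    cat > "$outfile" <<EOF
use auxiliary/scanner/smb/smb_version
info
options
set RHOSTS $rhosts
run
exit
EOF
}

# run_smb_version <rhosts>
# Creates the resource script in a temp dir and runs it non-interactively.
# Returns 0 if msfconsole ran, 2 if it is not installed, so the script
# still produces the .rc file for review on a box without Metasploit.
run_smb_version() {
    rhosts="$1"
    tmpdir=$(mktemp -d)
    rcfile="$tmpdir/smb_version.rc"
    write_smb_version_rc "$rhosts" "$rcfile"
    if command -v msfconsole >/dev/null 2>&1; then
        # -q suppresses the banner, -r runs the resource script
        msfconsole -q -r "$rcfile"
        return 0
    fi
    echo "msfconsole not found; resource script written to $rcfile" >&2
    return 2
}

# Usage: ./smb_version.sh 192.0.2.10   (placeholder lab address)
[ "$#" -ge 1 ] && run_smb_version "$1"
```

Keeping info and options in the script means the transcript still records which options were mandatory at the time of the run, which is useful when comparing results between lab sessions.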