SMB Permission Clarification

[theredmoose]

Hi, This is more clarification than an bug or issue. I want to use SMBmap to enumerate all the shares that are set to "everyone" access write permission. However, if I use a basic domain user then we have to guess the share names. If I use a admin user the shares will can be enumerated but the permissions are reflecting that of the admin user not an everyone account. Is this correct?

[ShawnDEvans]

The permissions are unfortunately not that granular. There are checks to determine if the user is able to READ, WRITE or READ/WRITE - but that is about as deep as it gets. That said, if you're using a user that is only part of the "EVERYONE" group, that user should still be able to return a list of shared SMB resources on any given server within the domain. However, they may not have READ access to the underlying data. I hope this helps answer your question!