Check LDAP/RPC/SMB With Creds
checklist
Summary
Re-run for every newly discovered user; watch for READ/WRITE shares.
Walkthrough
Authenticated enumeration of SMB shares to find readable or writable data. A hit is a share with sensitive files (configs, scripts, creds) accessible to your user.
Commands
bash
netexec smb <IP> -u <USER> -p '<PASS>' --shares