Service:
smbd ,
srvsvc ,
Windows File Sharing
Protocol:
TCPPort:
445Used for:
File sharing, printer access, and Windows domain operationsWhy It’s Open
Port 445 is critical in Windows networks for everything from file shares to domain authentication. It replaced NetBIOS-based SMB traffic.
Common Risks
- EternalBlue & WannaCry: SMBv1-based exploits.
- SMB Relay & Man-in-the-Middle: NTLM hash theft.
- Unauthorized Access: Misconfigured shares and ACLs.
Want to save time on reporting?
Let PentestPad generate, track, and export your reports - automatically.
Enumeration & Testing
Nmap discovery
nmap -p 445 --script smb-enum-shares,smb-os-discovery
smbclient -L /// -NWhat to Look For
| Checkpoint | What it means |
|---|---|
| SMBv1 support | Legacy and vulnerable |
| Guest access enabled | Unauthenticated share access |
| Null sessions | Info disclosure risk |
Known Exploits
-
CVE-2017-0144 EternalBlue exploit allows remote attackers to execute arbitrary code via crafted packets. 🔗 NVD Entry
-
CVE-2020-0796 SMBGhost vulnerability enables remote code execution in SMBv3. 🔗 NVD Entry
Mitigation
- Disable SMBv1 and enforce SMB signing.
- Require strong authentication.
- Segment and audit shares.
- Use Group Policy to limit anonymous access.
Real-World Example
SMB over 445 was the main vector for the WannaCry ransomware outbreak in 2017, causing billions in damages globally.
TL;DR
- Service: SMB (File and Printer Sharing)
- Default Port: 445/TCP
- Risks: Remote code execution, lateral movement
- Mitigation: Apply patches, disable SMBv1, restrict access