documentation/modules/post/windows/gather/enum_shares.md
This module will enumerate configured and recently used file shares.
use post/windows/gather/enum_sharesset SESSION <session id>runEnumerate currently configured shares (default: true)
Enumerate recently mapped shares (default: true)
Enumerate recently entered UNC Paths in the Run Dialog (default: true)
msf > use post/windows/gather/enum_shares
msf post(windows/gather/enum_shares) > set session 1
session => 1
msf post(windows/gather/enum_shares) > run
[*] Running module against WIN-17B09RRRJTG (192.168.200.218)
[*] The following shares were found:
[*] Name: SYSVOL
[*] Path: C:\Windows\SYSVOL\sysvol
[*] Remark: Logon server share
[*] Type: DISK
[*]
[*] Name: NETLOGON
[*] Path: C:\Windows\SYSVOL\sysvol\corp.local\SCRIPTS
[*] Remark: Logon server share
[*] Type: DISK
[*]
[*] Recent mounts found:
[*] \\127.0.0.1\C$
[*]
[*] Recent UNC paths entered in Run dialog found:
[*] \\10.1.1.100\
[*] \\127.0.0.1\C$
[*]
[*] Post module execution completed