net view /domain
and then
net view /domain:domain_name
Look for interesting hosts and attempt to connect to the default shares:
net use * \\computer_name\c$ /user:administrator
The other default shares are: IPC$, Admin$.
Another method
rpcclient -c "netshareenum 1" -U % 192.168.10.12
Enumarate all the shares
I am not at all repsonsible for the usage of this information. I intended to have it here for educational purposes only!
