snaffler.exe
snaffler absolutely rules and finding good SMB share treasures!
Spawn a "runas" box
You'll want to spawn a "runas" command window under the context of your test Active Directory account. Syntax for that is here.
General domain-wide snaffling
snaffler.exe -s -d domain.com -c THE.DC.IP.ADDRESS -o snaffy.log -m folder-to-dump-files-to
caution
I've found that sometimes snaffler gets processor-heavy and kicks me out of my remote session to the Windows VM. So I sometimes like to limit the threads with -x
. The Snaffler FAQ says Don't set it to below 4 or s*** will break
so I like to do -x 4
. I've played with 7
because it's my favorite number but even that tends to cause issues.
Targeted snaff of a specific machine share
snaffler -s -d domain.com -c IP-OF-DOMAIN-CONTROLLER -o snaffspecific.log -n SOME-SYSTEM -m folder-to-dump-files-to