snaffler.exe

snaffler absolutely rules and finding good SMB share treasures!

warning

I've been having Snaffler performance problems where no matter what I do, the processor and/or memory slowly max out. After a TON of troubleshooting, here's what worked for me:

Once you get Snaffler snafflin', go into Task Manager > Details, then right-click the snaffler.exe and choose Set Affinity and then only check one processor. Snaffler took forever but did NOT render my system unusable.

Spawn a "runas" box

You'll want to spawn a "runas" command window under the context of your test Active Directory account. Syntax for that is here.

General domain-wide snaffling

snaffler.exe -s -d domain.com -c THE.DC.IP.ADDRESS -o snaffy.log -m DUMPFOLDER

snaffler -s -d domain.com -c IP-OF-DOMAIN-CONTROLLER -o snaffspecific.log -n SOME-SYSTEM -m folder-to-dump-files-to

Spawn a "runas" box​

General domain-wide snaffling​

Targeted snaff of a specific machine share​

Spawn a "runas" box

General domain-wide snaffling

Targeted snaff of a specific machine share