Because we ran the nmap scan with -A we can see it also ran a script scan for us which can give us potential information about the versions of the things used but it can give us a good idea.
We need to know what version its running exactly because it can potentially lead to an exploit for us .
To enumerate this port we use our most important tool that is Metasploit
To Start it up
then we search for the port we wanna exploit basically
msf5 > search smb
This shows us a lot of results a lot of modules for the protocol we defined and then in the results we can see what the module does by the thing written in it first part -
auxiliary - Is for ennumeration
exploit - Is for exploitation
post - is post Expoitation
and then the second part tells us what its actually doing like whats going on behind the scenes of this exploit or ennumeration or post method kinda thing.Examples -Denial of service,Fuzzing,Gathering,Scanner
Now how do we use the modules and exploit stuff with them.
We go to the ms console and just write use and either the name of the module or the number it was listed on
and then to get information about the module you can use info
and it will infromation about the thing