Using NULL sessions to view shares and user accounts
It is possible to access the IPC$ share with a null session, after that one can access information about the machine configuration.
How to create a null session:
net use \\IP_ADDRESS\ipc$ “” /user:””
How to access shares after creation of null session:
net view \\IP_ADDRESS
How to list administrators after creation of null session:
local administrators \\IP_ADDRESS
How to list group members in “domain admins” after creation of null session:
global “domain admins” \\IP_ADDRESS
The utilities local.exe and global.exe. They are part of the Windows NT Resource Kit. WInfo is a 3rd party utility that also can exploit null sessions.
Disabling Netbios or blocking the ports 137-139 doesn’t close for Null-Sessions, unless one also closes the SMB on port 445.
Related Restrict access to NULL sessions
More Info MS KB132679
More Info MS KB289655
Credits The Hack FAQ