Using NULL sessions to view shares and user accounts
6 February 2002 by Snakefoot | Comment » | Trackback OffIt is possible to access the IPC$ share with a null session,
after that one can access information about the machine configuration.
How to create a null session:
Disabling Netbios or blocking the ports 137-139 doesn't close for Null-Sessions, unless one also closes the SMB on port 445.
Related Restrict access to NULL sessions
More Info MS KB Q132679
More Info MS KB Q289655
Credits The Hack FAQ
How to create a null session:
How to access shares after creation of null session:net use \\IP_ADDRESS\ipc$ "" /user:""
How to list administrators after creation of null session:net view \\IP_ADDRESS
How to list group members in "domain admins" after creation of null session:local administrators \\IP_ADDRESS
The utilities local.exe and global.exe. They are part of the Windows NT Resource Kit. WInfo is a 3rd party utility that also can exploit null sessions.global "domain admins" \\IP_ADDRESS
Disabling Netbios or blocking the ports 137-139 doesn't close for Null-Sessions, unless one also closes the SMB on port 445.
Related Restrict access to NULL sessions
More Info MS KB Q132679
More Info MS KB Q289655
Credits The Hack FAQ
Tags:
Category:
Updated: 23 September 2007