Penetration Testing mailing list archives

Re: NULL session tools Linux

From: Paul Asadoorian <paul () pauldotcom com>
Date: Tue, 26 Sep 2006 12:29:38 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi David,

I never found a truly reliable way to test for null sessions from Linux.
 You could try using "smbclient" (part of Samba):

$ smbclient -I 192.168.1.31 -L MONKEY -N -U ""
Domain=[FOO] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Sharename       Type      Comment
        ---------       ----      -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
Domain=[FOO] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------

If the host was vulnerable you would see the share information, instead
you see "NT_STATUS_ACCESS_DENIED".  As I stated before, I don't know how
accurate this method will, but I supposed you could script it in
conjunction with "nbtscan" [1] and find out really quick :)

I found that hunt was the most reliable tool for identifying null
sessions[2].

Paul

[1] http://www.unixwiz.net/tools/nbtscan.html

[2] http://www.brown.edu/Facilities/CIS/CIRT/help/netbiosnull.html


David Huemer wrote:

Hi!

Does anyone know some good Linux tools for enumerating NULL sessions?


- --
Paul Asadoorian
Email:   paul () pauldotcom com
Web:     http://pauldotcom.com
IRC:      #pauldotcom | irc.freenode.net

# rm -fr *clothing* ; ./hack.sh

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFGVVxEVNhUUh/4JQRAucBAJ9J6XwpGDIkGAOLy+DX49fy+85m3gCfTBkb
/6wflQj4ivLOCRrOjYjTtnI=
=m0rj
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

NULL session tools Linux David Huemer (Sep 26)
- Re: NULL session tools Linux MdMonk (Sep 26)
- Re: NULL session tools Linux Paul Asadoorian (Sep 26)
- Re: NULL session tools Linux Kish Pent (Sep 26)
- Re: NULL session tools Linux Ivan Arce (Sep 27)