Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Null Session

From: Paul Asadoorian <paul () pauldotcom com>
Date: Fri, 12 Jan 2007 11:39:49 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael,

If its just other tools you are looking for, I document some in a NULL
Session article located here:

http://www.brown.edu/Facilities/CIS/CIRT/help/netbiosnull.html

If its new and excited ways to exploit NULL Sessions, like via RPC,
there is a great presentation located here:

http://www.hsc.fr/ressources/presentations/null_sessions/msrpc_null_sessions.pdf

Cheers,
Paul

- --
Paul Asadoorian
Email:   paul () pauldotcom com
Web:     http://pauldotcom.com
IRC:      #pauldotcom | irc.freenode.net

# rm -fr *clothing* ; ./hack.sh

Michael J Condon wrote:

What alternatives are there to the "Holy Grail" null session
(net use \\ipaddress\IPC$ "" /user:"") if this method does not work?



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFp7nVEVNhUUh/4JQRAmm3AKCutGZcc3Cj+DEJSO0kms9VfoFdaACg5C9B
ltAgRRK6KkraTwQipIWuqIs=
=X0yP
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: