Penetration Testing mailing list archives
Re: Null Session
From: Paul Asadoorian <paul () pauldotcom com>
Date: Fri, 12 Jan 2007 11:39:49 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael, If its just other tools you are looking for, I document some in a NULL Session article located here: http://www.brown.edu/Facilities/CIS/CIRT/help/netbiosnull.html If its new and excited ways to exploit NULL Sessions, like via RPC, there is a great presentation located here: http://www.hsc.fr/ressources/presentations/null_sessions/msrpc_null_sessions.pdf Cheers, Paul - -- Paul Asadoorian Email: paul () pauldotcom com Web: http://pauldotcom.com IRC: #pauldotcom | irc.freenode.net # rm -fr *clothing* ; ./hack.sh Michael J Condon wrote:
What alternatives are there to the "Holy Grail" null session (net use \\ipaddress\IPC$ "" /user:"") if this method does not work?
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFp7nVEVNhUUh/4JQRAmm3AKCutGZcc3Cj+DEJSO0kms9VfoFdaACg5C9B ltAgRRK6KkraTwQipIWuqIs= =X0yP -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Null Session Michael J Condon (Jan 06)
- Re: Null Session Peter Wood (Jan 08)
- Re: Null Session Lee Lawson (Jan 08)
- Re: Null Session pand0ra (Jan 08)
- Re: Null Session Paul Asadoorian (Jan 13)
- <Possible follow-ups>
- Re: Null Session kushwadhwa (Jan 08)
- Re: Null Session kushwadhwa (Jan 10)