Penetration Testing mailing list archives
RE: NetBIOS Null Sessions
From: "Ward, Jon" <Jon_Ward () syntelinc com>
Date: Tue, 12 Apr 2011 16:59:37 -0400
It's been a long time since I've dealt with null sessions, but perhaps these articles could be of some help. http://support.microsoft.com/kb/289655 http://support.bigfix.com/bes/misc/null_session_share.html -jon -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Balaji Vasanth Sent: Monday, April 11, 2011 12:15 AM To: pen-test () securityfocus com Subject: NetBIOS Null Sessions Hi all, I have just stepped into the field of Network Penetration Testing and was trying to play with the popular null sessions. I enabled the null sessions on a Win XP (running in VM) as below: Local Security policy: Network Access: Do not allow anonymous enumeration of SAM accounts: Disabled Network Access: Do not allow anonymous enumeration of SAM accounts and shares:Disabled HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=0 HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=0 net use \\1.2.3.4\ipc$ "" /u:"" is a success. But when i execute "net view \\1.2.3.4" there is a "System error 5 has occurred.Access is denied" error message. Googling for the same hasn't turned out the expected results on how to correct this. Do i need to configure any additional settings in the Win XP machine to completely allow null sessions? Firewall is turned off by the way. Thanks in advance Regards Balaji ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- NetBIOS Null Sessions Balaji Vasanth (Apr 12)
- RE: NetBIOS Null Sessions Ward, Jon (Apr 12)