Home page logo

pen-test logo Penetration Testing mailing list archives

RE: NetBIOS Null Sessions
From: "Ward, Jon" <Jon_Ward () syntelinc com>
Date: Tue, 12 Apr 2011 16:59:37 -0400

It's been a long time since I've dealt with null sessions, but perhaps these articles could be of some help.



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Balaji Vasanth
Sent: Monday, April 11, 2011 12:15 AM
To: pen-test () securityfocus com
Subject: NetBIOS Null Sessions

Hi all,

I have just stepped into the field of Network Penetration Testing and was trying to play with the popular null 
sessions. I enabled the null sessions on a Win XP (running in VM) as below:

Local Security policy:
Network Access: Do not allow anonymous enumeration of SAM accounts: Disabled
Network Access: Do not allow anonymous enumeration of SAM accounts and shares:Disabled


net use \\\ipc$ "" /u:"" is a success. But when i execute "net view \\" there is a "System error 5 has 
occurred.Access is denied" error message. Googling for the same hasn't turned out the expected results on how to 
correct this. Do i need to configure any additional settings in the Win XP machine to completely allow null sessions? 
Firewall is turned off by the way.

Thanks in advance


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]