From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Balaji Vasanth
Sent: Monday, April 11, 2011 12:15 AM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: NetBIOS Null Sessions
Hi all,
I have just stepped into the field of Network Penetration Testing and was trying to play with the popular null sessions. I enabled the null sessions on a Win XP (running in VM) as below:
Local Security policy:
Network Access: Do not allow anonymous enumeration of SAM accounts: Disabled
Network Access: Do not allow anonymous enumeration of SAM accounts and shares:Disabled
net use \\1.2.3.4\ipc$ "" /u:"" is a success. But when i execute "net view \\1.2.3.4" there is a "System error 5 has occurred.Access is denied" error message. Googling for the same hasn't turned out the expected results on how to correct this. Do i need to configure any additional settings in the Win XP machine to completely allow null sessions? Firewall is turned off by the way.
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://support.microsoft.com/kb/289655
http://support.bigfix.com/bes/misc/null_session_share.html
-jon
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Balaji Vasanth
Sent: Monday, April 11, 2011 12:15 AM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: NetBIOS Null Sessions
Hi all,
I have just stepped into the field of Network Penetration Testing and was trying to play with the popular null sessions. I enabled the null sessions on a Win XP (running in VM) as below:
Local Security policy:
Network Access: Do not allow anonymous enumeration of SAM accounts: Disabled
Network Access: Do not allow anonymous enumeration of SAM accounts and shares:Disabled
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=0
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=0
net use \\1.2.3.4\ipc$ "" /u:"" is a success. But when i execute "net view \\1.2.3.4" there is a "System error 5 has occurred.Access is denied" error message. Googling for the same hasn't turned out the expected results on how to correct this. Do i need to configure any additional settings in the Win XP machine to completely allow null sessions? Firewall is turned off by the way.
Thanks in advance
Regards
Balaji
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]