Null session
A null session is an anonymous connection to IPC$, a freely accessible network share on Windows-based servers.[1] It allows immediate read and write access on Windows NT/2000 and read access on Windows XP and 2003.
To establish such a connection from a DOS prompt, these commands can be used:
net use \\IP_address_or_host_name\ipc$ "" /user:""
net use
On what such a connection makes possible:
From a NULL session, hackers can call APIs and use Remote Procedure Calls to enumerate information. These techniques can, and will, provide information on passwords, groups, services, users and even active processors. NULL session access can also even be used for escalating privileges and performing DoS attacks. —Ixis Research LTD[1]
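A defender-side view of the connection described above, as an added example that is not part of the original article: it scans exported Windows Security events for a network logon by ANONYMOUS LOGON (event 4624, SID S-1-5-7) and for access to IPC$ in that logon session (event 5140). The JSON-lines export format, the sample events and the function name `find_null_sessions` are assumptions constructed for illustration.

```python
import json

ANONYMOUS_SID = "S-1-5-7"  # well-known SID of ANONYMOUS LOGON

# Constructed sample (not from a real host): Security events as JSON lines.
SAMPLE_LOG = r"""
{"EventID": 4624, "TimeCreated": "2013-02-24T10:00:01Z", "LogonType": 3, "TargetUserSid": "S-1-5-7", "TargetLogonId": "0x3e1a", "IpAddress": "192.0.2.10"}
{"EventID": 5140, "TimeCreated": "2013-02-24T10:00:02Z", "SubjectUserSid": "S-1-5-7", "SubjectLogonId": "0x3e1a", "ShareName": "\\\\*\\IPC$", "IpAddress": "192.0.2.10"}
{"EventID": 4624, "TimeCreated": "2013-02-24T10:05:00Z", "LogonType": 3, "TargetUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1104", "TargetLogonId": "0x4b20", "IpAddress": "192.0.2.20"}
{"EventID": 5140, "TimeCreated": "2013-02-24T10:05:01Z", "SubjectUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1104", "SubjectLogonId": "0x4b20", "ShareName": "\\\\*\\IPC$", "IpAddress": "192.0.2.20"}
"""


def find_null_sessions(lines):
    """Return one finding per anonymous access to the IPC$ share."""
    anon_logons = {}  # logon id -> source IP, taken from event 4624
    findings = []
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev["EventID"] == 4624:
            # A network logon (type 3) by ANONYMOUS LOGON opens a null session.
            if ev.get("LogonType") == 3 and ev.get("TargetUserSid") == ANONYMOUS_SID:
                anon_logons[ev["TargetLogonId"]] = ev.get("IpAddress", "-")
        elif ev["EventID"] == 5140:
            # Share access: only IPC$ is of interest here.
            share = ev.get("ShareName", "").rstrip("\\").lower()
            if not share.endswith("ipc$"):
                continue
            logon_id = ev.get("SubjectLogonId")
            # Match on the anonymous SID or on a session opened anonymously.
            if ev.get("SubjectUserSid") == ANONYMOUS_SID or logon_id in anon_logons:
                findings.append({
                    "time": ev["TimeCreated"],
                    "source": ev.get("IpAddress") or anon_logons.get(logon_id, "-"),
                    "logon_id": logon_id,
                })
    return findings


if __name__ == "__main__":
    for hit in find_null_sessions(SAMPLE_LOG.splitlines()):
        print("null session to IPC$:", hit)
```

Event 5140 is only logged when the File Share audit subcategory is enabled. Authenticated IPC$ access, like the second pair of sample events, is routine and is not reported.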
References
1. "How is information enumerated through NULL session access, Remote Procedure Calls and IPC$?". Ixis Research LTD. Retrieved 24 February 2013.