Null Session Hacking On Windows
|
|
|
||||||||||||
Description:
A NULL session connection is an unauthenticated connection to an Windows machine. Gaining NULL session access to a Windows system is the number one method for hackers to enumerating information about the machine. From a NULL session hackers can call APIs and use Remote Procedure calls to enumerate information. These techniques can, and will provide information on passwords, groups, services, users and even active processors. NULL session access can also even be used for escalating privileges and perform DoS attacks.
In this video, L4amer from Practical Exploitation takes us through 3 tools that do enumeration using null sessions. Metasploit, rpcclient, and smbenum.py.
In this video, L4amer from Practical Exploitation takes us through 3 tools that do enumeration using null sessions. Metasploit, rpcclient, and smbenum.py.