Description:
A NULL session connection is an unauthenticated connection to an Windows machine. Gaining NULL session access to a Windows system is the number one method for hackers to enumerating information about the machine. From a NULL session hackers can call APIs and use Remote Procedure calls to enumerate information. These techniques can, and will provide information on passwords, groups, services, users and even active processors. NULL session access can also even be used for escalating privileges and perform DoS attacks.
In this video, L4amer from
Practical Exploitation takes us through 3 tools that do enumeration using null sessions. Metasploit, rpcclient, and smbenum.py.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: