Re: Null Session

From: H D Moore (sflist@digitaloffense.net)
Date: Mon Mar 07 2005 - 16:04:33 EST

• Next message: Randy Golly: "RE: Testing large networks"
• Previous message: Matthew Caston: "Re: Testing large networks"
• In reply to: Wbsony: "Null Session"
• Next in thread: Isidro Labrador: "Avoiding Postfix Fingerprinting"
• Reply: Isidro Labrador: "Avoiding Postfix Fingerprinting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Windows XP and 2003 will map an invalid login to an anonymous session. You
can tell whether your authentication is a real or anonymous one by
checking the "Action" flag in the response to your SessionSetup request.
For some goofy reason, Windows XP will deny "null" authentication, but
allow null sessions with an invalid username. The server will accept
connections to the remote registry service and the ADMIN$ share, but you
will not have access to view or modify the contents in a default
configuration.

-HD

On Sunday 06 March 2005 06:54, Wbsony wrote:
> Anybody encountered this situation before and could enlighten me?

• Next message: Randy Golly: "RE: Testing large networks"
• Previous message: Matthew Caston: "Re: Testing large networks"
• In reply to: Wbsony: "Null Session"
• Next in thread: Isidro Labrador: "Avoiding Postfix Fingerprinting"
• Reply: Isidro Labrador: "Avoiding Postfix Fingerprinting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:17 EDT