A NULL session allows clients or endpoints of a connection to access certain types of information across a network, and can sometimes reveal a wealth of information. A NULL session occurs when a connection is made to a Windows system without the use of credentials. Such a session can only be made to a special location, the Inter-process Communication (IPC) share, which is an administrative share on a Windows system. In normal practice, NULL sessions are designed to facilitate connections between systems on a network so that one system can enumerate the other.
Information that may be obtained during this process includes:
- List of users and groups
- List of machines
- List of shares
- Users and host SIDs
- OS information
- Password policies
The results of a NULL session scan vary greatly and are affected by the target operating system version and by what mitigations are in place.
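To check which of those mitigations a given host has in place, the following added example (not part of the original page) audits the registry values that govern anonymous access. The value names are standard Windows settings that the page itself does not list, and the `SAMPLE` host data is constructed for illustration.

```python
import sys

LSA = r"SYSTEM\CurrentControlSet\Control\Lsa"
SRV = r"SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"

# (key, value name, hardened value, what a weaker value exposes)
CHECKS = [
    (LSA, "RestrictAnonymous", 1, "anonymous enumeration of SAM accounts and shares"),
    (LSA, "RestrictAnonymousSAM", 1, "anonymous enumeration of SAM accounts"),
    (LSA, "EveryoneIncludesAnonymous", 0, "Everyone permissions applied to anonymous users"),
    (SRV, "RestrictNullSessAccess", 1, "unrestricted anonymous access to pipes and shares"),
]
LISTS = [(SRV, "NullSessionShares"), (SRV, "NullSessionPipes")]

def audit(settings):
    """settings maps (key, name) -> value; returns a list of finding strings."""
    findings = []
    for key, name, want, risk in CHECKS:
        have = settings.get((key, name))
        if have is None:
            findings.append(f"{name}: not set, OS default applies (review manually)")
        elif (want == 0 and have != 0) or (want != 0 and have < want):
            findings.append(f"{name}={have}: allows {risk}")
    for key, name in LISTS:
        entries = [e for e in (settings.get((key, name)) or []) if e]
        if entries:
            findings.append(f"{name}: reachable without credentials: {', '.join(entries)}")
    return findings

def read_local():
    """Read the live values; only works on Windows (winreg is Windows-only)."""
    import winreg
    out = {}
    for key, name in [(c[0], c[1]) for c in CHECKS] + LISTS:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as h:
                out[(key, name)] = winreg.QueryValueEx(h, name)[0]
        except OSError:
            pass  # key or value absent on this host
    return out

# Constructed sample: a host with permissive legacy settings.
SAMPLE = {(LSA, "RestrictAnonymous"): 0, (LSA, "RestrictAnonymousSAM"): 1,
          (LSA, "EveryoneIncludesAnonymous"): 1, (SRV, "RestrictNullSessAccess"): 1,
          (SRV, "NullSessionShares"): ["legacy_share"], (SRV, "NullSessionPipes"): [""]}

if __name__ == "__main__":
    data = read_local() if sys.platform == "win32" else SAMPLE
    print("\n".join(audit(data)) or "no anonymous-access findings")
```

On Windows the script reads the live registry; elsewhere it evaluates the constructed sample, so the audit logic can be reviewed on any platform.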