A NULL session is used to allow clients or endpoints of a connection to access certain types of information across a network, and can sometimes reveal a wealth of information. A NULL session is something that occurs when a connection is made to a Windows system without the use of credentials. This session is one that can only be made to a special location by use of Inter-process Communication (IPC), which is an administrative share on a Windows system. In normal practice, NULL sessions are designed to facilitate a connection between systems on a network to allow one system to enumerate the other.

Information that may be obtained during this process includes

• List of users and groups
• List of machines
• List of shares
• Users and host SIDs
• OS information
• Password policies

The results of a NULL session scan vary greatly and is affected by the target operating system version and what mitigations are in place.