新进化论

The Tao gives birth to One, One gives birth to Two, Two gives birth to Three, and Three gives birth to all things.


SMB and Null Sessions: Why Your Pen Test is Probably Wrong

IPC$ Share

IPC$ is a special share used to facilitate inter-process communication (IPC). It does not allow access to files or directories, but it does allow communication with processes running on the remote system.

Specifically, IPC$ exposes named pipes, which can be written to or read from to communicate with remote processes. These named pipes are opened by the application and registered with SMB so that they can be exposed by the IPC$ share.

They are usually used to perform specific functions on the remote system, a mechanism known as RPC, or remote procedure calls.

Some versions of Windows allow you to authenticate and mount the IPC$ share without providing a username and password. Such a connection is often called a NULL session, which, despite its limited privileges, could be used to make multiple RPC calls and obtain useful information about the remote system. [7]
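From the defender's side, the NULL session described above shows up in the Windows Security log as an anonymous network logon followed by named-pipe opens on IPC$. The following Python is an added example, not part of the original post: it assumes events 4624 and 5145 have already been exported into dictionaries with an integer LogonType (5145 is only logged when "Audit Detailed File Share" is enabled), and the function name and all sample records are constructed for illustration.

```python
from collections import defaultdict

ANONYMOUS_SID = "S-1-5-7"  # well-known SID of ANONYMOUS LOGON

# Constructed sample records: field names follow Security events 4624 (logon)
# and 5145 (detailed file share access); every value is made up.
SAMPLE_EVENTS = [
    {"EventID": 4624, "LogonType": 3, "TargetUserSid": "S-1-5-7",
     "TargetLogonId": "0x3e1a0", "IpAddress": "192.0.2.10"},
    {"EventID": 5145, "SubjectUserSid": "S-1-5-7", "SubjectLogonId": "0x3e1a0",
     "ShareName": "\\\\*\\IPC$", "RelativeTargetName": "samr", "IpAddress": "192.0.2.10"},
    {"EventID": 5145, "SubjectUserSid": "S-1-5-7", "SubjectLogonId": "0x3e1a0",
     "ShareName": "\\\\*\\IPC$", "RelativeTargetName": "lsarpc", "IpAddress": "192.0.2.10"},
    # Anonymous logon that never opens a pipe: common noise, not reported.
    {"EventID": 4624, "LogonType": 3, "TargetUserSid": "S-1-5-7",
     "TargetLogonId": "0x40b22", "IpAddress": "192.0.2.77"},
    # Authenticated user on IPC$: normal RPC traffic, not a NULL session.
    {"EventID": 4624, "LogonType": 3, "TargetUserSid": "S-1-5-21-1111-2222-3333-1104",
     "TargetLogonId": "0x51c00", "IpAddress": "192.0.2.20"},
    {"EventID": 5145, "SubjectUserSid": "S-1-5-21-1111-2222-3333-1104",
     "SubjectLogonId": "0x51c00", "ShareName": "\\\\*\\IPC$",
     "RelativeTargetName": "srvsvc", "IpAddress": "192.0.2.20"},
]


def null_session_pipe_use(events):
    """Map source IP -> sorted named pipes opened on IPC$ by anonymous sessions."""
    # Pass 1: logon IDs of anonymous network logons (LogonType 3).
    anon_ids = {e["TargetLogonId"] for e in events
                if e["EventID"] == 4624 and e.get("LogonType") == 3
                and e.get("TargetUserSid") == ANONYMOUS_SID}
    pipes = defaultdict(set)
    # Pass 2: pipe opens on IPC$ tied to those sessions, or carrying the
    # anonymous SID directly in case the matching 4624 is missing from the export.
    for e in events:
        if e["EventID"] != 5145 or not e.get("ShareName", "").upper().endswith("\\IPC$"):
            continue
        if e.get("SubjectLogonId") in anon_ids or e.get("SubjectUserSid") == ANONYMOUS_SID:
            pipes[e.get("IpAddress", "-")].add(e.get("RelativeTargetName", "").lower())
    return {ip: sorted(names) for ip, names in pipes.items()}


if __name__ == "__main__":
    for ip, names in null_session_pipe_use(SAMPLE_EVENTS).items():
        print(f"{ip}: anonymous session opened pipes {names}")
```

The pipe names in the result indicate which RPC interfaces the anonymous session reached, which is the information needed to decide whether anonymous access to those pipes should be restricted.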

posted on 2021-12-17 16:07 by 岌岌可危