You are here: Encyclopedia > Encyclopedia Part 5 > What is a Null Session?
What is a Null Session?
Windows has its own way of characterizing an anonymous user and this is through the process of the null session. The null sessions are the unauthenticated sessions of the Server Message Block (SMB), which is the core network protocol of the Windows operating system. It is a type of communication in which the function focuses mainly on supplying foundation of network file as well as print sharing services.
One can generate a null session with the use of a Windows net program in order to perform connection mapping while utilizing a blank name and password. According to the experts, the sole purpose of this Windows process is to aid in the call for RPC operations on a remote system in a very discreet manner.
Of course, like any other processes, the null session also has its own security hole that is deemed vulnerable to attacks by some vicious online criminals. The attacker can utilize the vulnerability in the null session in order to connect to an unprotected interprocess communication (IPC$) share of the Windows system even from afar or over the web.
It will be very easy for malicious crooks to exploit an unsecured Windows system by entering some codes at the Windows command prompt. Based on studies, the attacker will just have to basically enter “net use \\ip_address\ipc$” and “/user:” at the command prompt in order to easily gain access into the system.
There are other applications an invader may use in order to successfully carry out his plans and these are the Winfo, Walksam, and some sorts of Windows Resource Kit tools. There are also the net programs that are components of Windows, meant specifically for collecting large amount of information from the system. These devices may only be utilized after a null session has already been launched manually. The kinds of information that can be amassed even without logging in are the following: share names, security policy settings, user ID, and the users who are still logged in.