Published:The following excerpt is from Chapter 2 of 'Protect Your Windows Network from Perimeter to Data' written by Jesper Johansson and Steve Riley. Click for or.Hacking other machinesWe have now pierced the eggshell. At this point, the objective is to fully 'own' the network and take over everything else. To start with, we need to gather some more information on our target. For that we use a utility that enumerates information from a system over a null session. A null session is an anonymous connection (i.e., one made without any authentication). By default, some Windows systems give out more information than others over such a port.
Of course, in this case, we run it against localhost, meaning that anonymous restrictions do not apply to us.C:warezdumpinfo 127.0.0.1The Administrator is: PYN-SQLAdministratorUsers on PYN-SQL:RID 1000PYN-SQLTsInternetUsera UserRID 1001PYN-SQLSQLDebuggera UserShareTypeCommentIPC$UnknownRemote IPCADMIN$SpecialRemote AdminC$SpecialDefault shareAdministrators: PYN-SQLAdministrator PYN-DMZids PYN-DMZDomain AdminsFrom this, we learn that there is not much on this system. It looks rather like a default system.