Conclusion

• Windows NULL sessions are here to stay

  • Still needed in some environments for backward compatibility
  • Used as attack vectors to exploit recent MSRPC vulnerabilities (MS03-049, MS04-011)

• A good knowledge of network protocols and Windows internals are recommended to understand NULL sessions

• A third-party MSRPC implementation is required to exploit NULL sessions effectively

• Recent Windows systems are more and more protected against NULL sessions

  • Additional hardening measures are still required