Hardcoded named pipes (1/2)

The NullSessionPipes registry value is supposed to contain named pipes allowed to be opened anonymously
Up to Windows XP SP2 and Windows 2003 SP1, 6 named pipes are always implictly allowed to be opened anonymously
- \pipe\lsarpc \pipe\samr \pipe\netlogon
- \pipe\wkssvc \pipe\srvsvc \pipe\browser
Particularly misleading, as these 6 named pipes do not appear in the NullSessionPipes registry value
Sidenote: NullSessionPipes can not be modified to protect against recent MSRPC vulnerabilities
- wkssvc vulnerability (MS03-049)
- dssetup vulnerability (MS04-011)

The NullSessionPipes registry value is supposed to contain named pipes allowed to be opened anonymously