RPC null session

RPC null session

Hey folks. Quick question, sorry if this is the wrong space. I'm building a small CTF challenge based on a domain controller Windows box (Server 2022). The challengers will need to make use of the enumdomusers remote procedure call to grab a list of valid users and progress further. I'm having trouble configuring the Windows box to accept null sessions. I've seen RPC null sessions so many times from the other side of the CTF, I didn't realise how frustrating it would be to configure it myself.

I've made every conceivable change to the group policy applied to the Windows box to allow anonymous access including the below changes. At the moment I just get "NT_STATUS_LOGON_FAILURE" when attempting a null session.

https://preview.redd.it/1ddyqawawyv81.png?width=653&format=png&auto=webp&s=750090cbdfb8bd861e11f92d80b295e34a81d253

Authenticated RPC sessions are working fine, so I'm thinking it's not a firewall/network issue. Any help much appreciated!

As an aside, quite how server owners manage to configure RPC to accept null sessions where it's not default on the OS is beyond me after how long I've spent digging around on this.

submitted by /u/NobodyTellsMe
[link] [comments]


from hacking: security in practice https://ift.tt/gxr9v8C

Comments