Comment on page

Enumerate anonymous logon

Using a random username and password you can check if the target accepts annonymous/guest logon
I'm not sure about the diff between an anonymous logon and a guest logon, if you have the answer feel free to reach me out on twitter so I can update this page
Make sure the password is empty 
cme smb 10.10.10.178 -u 'a' -p ''
You can also check this behavior with smbclient or rpcclient
smbclient -N -L \\10.10.10.178
rpcclient -N -L 10.10.10.178
Network access: Shares that can be accessed anonymously
docsmsft
Example
Nest machine is a good example of anonymous logon with CrackMapExec
https://www.hackthebox.eu/home/machines/profile/225
www.hackthebox.eu

Enumerate null sessions

Enumerate active sessions

Last modified 11mo ago