With modern script libraries, which were written by the author, the Nmap Scripting Engine (NSE) has the ability to establish a null or authenticated session with all modern versions of Windows. By leveraging these sessions, scripts have the ability to probe and explore Windows systems in great depth, providing an attacker with invaluable information about the server. This paper will look at how SMB and Microsoft RPC services work, how the Nmap scripts take advantage of the services, what checks the scripts are able to do, and what can be done to prevent them.


