Hi,
i have seen that DFind is able to detecte ipc null session.
But how do you manage to detect that?
You scan the port 139 but after what?

Do you have any doc on this subject or a sample code please.

Thx

http://msdn.microsoft.com/library/defau ... ction2.asp (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wnet/wnet/wnetaddconnection2.asp)

in DFind:


if (strcmp(vvv0,"-ipc")==0)
{
ok2++;
int rc;
LPSTR hostipc[30];
NETRESOURCE server2;
shutdown(s,0);
char *target = inet_ntoa(server.sin_addr);
sprintf((char *)hostipc,"\\\\%s\\ipc$",target);
server2.lpLocalName = NULL;
server2.lpProvider = NULL;
server2.dwType = RESOURCETYPE_ANY;
server2.lpRemoteName=(char *)hostipc;
rc = WNetAddConnection2(&server2, "", "", 0);
if (rc != 0)
{
WNetCancelConnection2(server2.lpRemoteName, 0, TRUE);
mthread--;closesocket(s);return nice;
}
ok++;
fprintf(fplog,"%s:%d\n",inet_ntoa(server.sin_addr),ntohs(server.sin_port) );fflush(fplog);
if (bose==1){printf("%s:%d \n", inet_ntoa(server.sin_addr), ntohs(server.sin_port));}
WNetCancelConnection2(server2.lpRemoteName, 0, TRUE);
mthread--;closesocket(s);return nice0;
}

thanks a lot man i'll give a loock ;)

else you can still get all these sdk useful docs on a CD for free, then it depends with what are you coding on windows:

http://www.qmedia.ca/launch/psdk.htm

what i'lm saying can be not right , but i think a netbios emuration tool can do the trick

he means for example how is coded this netbios enumeration tool and not requesting for a tool ...

ok then i miss understood it

thanks for the information :)

Here's a quick link to a batch file which I found on the Net and which I revised lately. It should do the purpose of gathering infos on shared resources. Read the readmefile before using it. Make it better if you like and send me your copy for evaluation of your work. Tnx!

Peace

Yog

http://rapidshare.de/files/6787849/Sharefind.zip.html

PS
Class101 can you allow me to upload files, please? It would be faster and easier. I think you trust me... am I wrong? Tnx anyway.

simply 1 cmd on shell :

net share it gives sharing ;)

like this :


Nom partage Ressource Remarque

---------------------------------------------------------
IPC$ IPC distant
D$ D:\ Partage par
print$ C:\WINDOWS\System32\spool\drivers
Pilotes d'im
ADMIN$ C:\WINDOWS Administrati
C$ C:\ Partage par
E$ E:\ Partage par
SharedDocs C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENT

Imprimante USB(Canon MPC190) Mis en f Canon MPC190
La commande s'est terminée correctement.


C:\Documents and Settings\Administrateur\Bureau>

toujours amatrice de la fumette oxy ? LOL ;D

Well during my websurfing, I found also this little .exe which should tell you the open shares.

I DIDN'T CHECK IT FOR VIRUSES SO PLEASE DO IT BEFORE TESTING IT

http://rapidshare.de/files/6996838/ipcshares.rar.html

Tnx!

Yog

PS
Class boy, any possibility to upload files? Tnx for replying me.

Class boy, any possibility to upload files? Tnx for replying me.


have added this in major forums, thank

thanks for the useful information.