Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
GIAC
SANS 560 - Net Use & System Error 5 "Access is denied"
valbizuresjr81
Please let me know if this is not the correct forum to post these types of questions:
I'm trying to create a session between two windows 10 "workstations"
Target & Attacking Machine are set to Send LM & NTLM responses
UNC is disabled on both
Firewall is disabled on both
No Anti-virus running on either
From the Attacking macine I'm running:
net use * \\targetipaddress\c$
prompted for user name and password.
Then I get
System error 5 has occured. Access is denied.
When I look at the target machine I see a Logon event followed by a log off event. (See below). Not sure what else to try to get this to work. Any advice?
Thanks in advance.
An account was successfully logged on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Information:
Logon Type: 3
Restricted Admin Mode: -
Virtual Account: No
Elevated Token: No
Impersonation Level: Impersonation
New Logon:
Security ID: EmmaNayeli\valbizures
Account Name: valbizures
Account Domain: EmmaNayeli
Logon ID: 0xECB8205
Linked Logon ID: 0x0
Network Account Name: -
Network Account Domain: -
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x0
Process Name: -
Network Information:
Workstation Name: WOPR
Source Network Address: 192.168.1.76
Source Port: 52007
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): NTLM V1
Key Length: 128
Followed By:
An account was logged off.
Subject:
Security ID: EmmaNayeli\valbizures
Account Name: valbizures
Account Domain: EmmaNayeli
Logon ID: 0xECB8205
Logon Type: 3
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
TechGromit
Check if the SMB is disabled.
To enable or disable SMBv1 on the SMB server, configure the following registry key:
Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled
To enable or disable SMBv2 on the SMB server, configure the following registry key:Registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB2
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
