Hidden shares

w^rl0rd · April 2004

Why are shares like Admin$ and C$ created and shared by default in Computer Management? Is this a security breach?

pmann · April 2004

They are created by default, but you can only connect to a hidden share from an account with admin privilege.

It is possible to disable hidden shares, but deleting them is a problem since they are recreated on restart.

w^rl0rd · April 2004

What are they for?

pmann · April 2004

Theres one at the root of each hard drive (so C$, D$, E$, F$ etc.), these are to allow admin access.

There is a share to the system root (ADMIN$), which is the location of the C:\winnt folder for instance.

Theres another called IPC, Im not sure what that one is for, but I believe its a container for processes set off by applications which are being run over the network.

Admins will create additional hidden shares (by adding the $) for the custom setup of that system. On my system for instance I have some hidden shares which I use as holding areas for program updates, that I can then access across the whole site/network.

ajsie · July 2004

pmann wrote:

They are created by default, but you can only connect to a hidden share from an account with admin privilege..

exactly what do you mean by that?

i have tried getting access to the hidden shares with my admin privilige, my account is an administrator account = peter. password = lubeck.

i typed:

net use \\<ip>\c$ /u:<domain>\peter lubeck

but returned a error code 1385 if i remember right.

does anybody know how i can be able to get access?

Hidden shares

Comments