SMB and Null Sessions: Why Your Pen Test is Probably Wrong
IPC$ Share #
IPC$ is a special share used to facilitate inter-process communication (IPC). It does not allow access to files or directories, but it allows to communicate with processes running on the remote system.
Specifically, IPC$, exposes named pipes, which can be written or read to communicate with remote processes. These named pipes are opened by the application and registered with SMB so that it can be exposed by the IPC$ share.
They are usually used to perform specific functions on the remote system, also known as RPC or remote procedure calls.
Some versions of Windows allow you to authenticate and mount the IPC$ share without providing a username and password. Such a connection is often called a NULL session, which, despite its limited privileges, could be used to make multiple RPC calls and obtain useful information about the remote system.7