Microsoft Windows SMB LsaQueryInformationPolicy Function NULL Session Domain SID Enumeration

info Nessus Plugin ID 10398


It was possible to obtain the domain SID.


By making or emulating a call to LsaQueryInformationPolicy(), it was possible to obtain the domain SID (Security Identifier).

The domain SID can then be used to get the list of users of the domain.

Plugin Details

Severity: Info

ID: 10398

File Name: smb_dom2sid.nasl

Version: 1.59

Type: local

Agent: windows

Family: Windows

Published: 5/9/2000

Updated: 1/31/2024

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: SMB/transport, SMB/name, SMB/login, SMB/password, SMB/test_domain