Why are hidden Windows shares not really hidden?

linux windows network-share server-message-block
6,603

As already stated in the comments, the dollar sign trailing the share name is just interpreted by the client so the share is removed from views. Ultimately, the share will be part of the result set of the NetShareEnum API call. You also can use the net view \\computername /all command to list all shares (including hidden ones) on from Windows Vista / Server 2008.

The kind of privileges needed might depend on the server's version and configuration. Windows Server 2003 and earlier allowed share enumeration using NULL session (so no authentication needed to be provided at all) by default. Windows Server 2008 changes this, "everybody" can enumerate all shares - which would require authentication using any valid user (including the Guest user, if enabled).

Share:
6,603

Related videos on Youtube

Luc
Author by

Luc

Manufactured over 2 decades ago; interested in computer security and software engineering. See lgms.nl/email to contact me.

Updated on September 18, 2022

Comments

  • Luc
    Luc over 1 year

    I've been taught that by appending a dollar sign to a share name, Windows would make it invisible to clients. And indeed, on Windows you can't see shares ending in a dollar sign; you have to type the name manually.

    Browsing a list of shared folders on my Linux desktop though, I can see all shares just fine - hidden or not hidden. All shares like C$ and ADMIN$ are there together with the visible ones.

    I thought Windows' SMB server simply didn't give out those names to anyone by design, how come Linux can view them?

    To view the list of shares I did log in, might that have anything to do with it? Some special usergroup that enables you to view all shares?

  • Brent Pabst
    Brent Pabst over 11 years
    As an added bonus this gets even more complicated with DFS in an environment as DFS also has the ability to do user-based folder hiding.
  • Luc
    Luc over 11 years
    Could you point to a specific part in the page you linked? I don't understand what you mean to refer to, and the document is quite large.
  • Scott Pack
    Scott Pack over 11 years
    Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Can't access SMB shares on Windows but can on Linux
Cannot Access Windows 2012R2 Shares from Windows 2003 Server
What exactly is insecure about Samba access over the Internet?
Windows 8 and SMB2 Issues
Best file sharing protocol for Windows clients?
How to mount a windows administrative share on linux via SMB
Preventing Mac OS X clients from polluting Windows shares with resource forks
Small writes to SMB network share are slow on Windows, fast over CIFS Linux mount
Long pause when accessing DFS namespace
How to force Windows to prompt for credentials while accessing share