<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Null-Session on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</title><link>https://hackita.it/tags/null-session/</link><description>Recent content in Null-Session on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</description><generator>Hugo</generator><language>it</language><lastBuildDate>Sat, 25 Apr 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://hackita.it/tags/null-session/index.xml" rel="self" type="application/rss+xml"/><item><title>Porta 135 RPC Windows: Null Session, WMI Exec e Lateral Movement AD</title><link>https://hackita.it/articoli/porta-135-rpc/</link><pubDate>Sat, 25 Apr 2026 00:00:00 +0000</pubDate><guid>https://hackita.it/articoli/porta-135-rpc/</guid><description>&lt;p&gt;La porta 135 espone &lt;strong&gt;Microsoft RPC&lt;/strong&gt; (Remote Procedure Call) — il servizio Windows fondamentale che coordina comunicazione inter-process tra sistemi, operante come endpoint mapper per servizi DCOM, WMI, DCOM e decine di Windows APIs remote. RPC su TCP porta 135 agisce come &amp;ldquo;directory service&amp;rdquo; simile a RPCbind Unix (porta 111), mappando UUID servizi a porte dinamiche high-range (49152-65535), permettendo applicazioni Windows di invocare procedure remote senza conoscere porte specifiche. In penetration testing Active Directory, la porta 135 è &lt;strong&gt;gateway critico multi-vettore&lt;/strong&gt;: enumeration massiva domain controllers/workstations, null session exploitation pre-SMB, WMI lateral movement, DCOM exploitation (CVE-2017-8464, MS03-026), e information disclosure via RPC endpoint mapping. Ogni Windows host con porta 135 aperta espone &lt;strong&gt;decine di servizi RPC&lt;/strong&gt; potentially vulnerable — da null session enumeration a remote code execution via DCOM.&lt;/p&gt;</description></item></channel></rss>