VULHUB ™

The LsaQueryInformationPolicy() function can be used to retrieve an NT domain's SID from any workstation in that domain. This can be done remotely by an anonymous user through a null session. That SID can then be used to obtain lists of user's names and SIDs for brute force attacks.

The LsaQueryInformationPolicy() function can be used to retrieve an NT domain's SID from any workstation in that domain. This can be done remotely by an anonymous user through a null session. That SID can then be used to obtain lists of user's names and SIDs for brute force attacks.