nerdexam
EC-Council

312-50V10 · Question #477

Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?

The correct answer is B. NET USE. NET USE displays the current user's active connections to network shared resources, making it useful for enumerating accessible shares in the current user context.

Enumeration

Question

Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?

Options

  • ANET FILE
  • BNET USE
  • CNET CONFIG
  • DNET VIEW

How the community answered

(42 responses)
  • B
    95% (40)
  • C
    2% (1)
  • D
    2% (1)

Why each option

NET USE displays the current user's active connections to network shared resources, making it useful for enumerating accessible shares in the current user context.

ANET FILE

NET FILE lists open files and file locks on a server, not the shares accessible to the current user.

BNET USECorrect

NET USE lists all current network connections and shared resources that the active user context has mapped or connected to. An attacker running this command can enumerate all shares the compromised account is actively connected to, revealing potential lateral movement targets and sensitive data locations.

CNET CONFIG

NET CONFIG displays the configuration of the Workstation or Server service, not shared resource connections.

DNET VIEW

NET VIEW lists shares advertised by a specific computer or domain, but does not show what the current user context is connected to or has access to.

Concept tested: Windows NET USE command for share enumeration

Source: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/gg651155(v=ws.11)

Topics

#NET USE#Windows commands#network shares#enumeration

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice