312-50V10 · Question #477
Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?
The correct answer is B. NET USE. NET USE displays the current user's active connections to network shared resources, making it useful for enumerating accessible shares in the current user context.
Question
Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?
Options
- ANET FILE
- BNET USE
- CNET CONFIG
- DNET VIEW
How the community answered
(42 responses)- B95% (40)
- C2% (1)
- D2% (1)
Why each option
NET USE displays the current user's active connections to network shared resources, making it useful for enumerating accessible shares in the current user context.
NET FILE lists open files and file locks on a server, not the shares accessible to the current user.
NET USE lists all current network connections and shared resources that the active user context has mapped or connected to. An attacker running this command can enumerate all shares the compromised account is actively connected to, revealing potential lateral movement targets and sensitive data locations.
NET CONFIG displays the configuration of the Workstation or Server service, not shared resource connections.
NET VIEW lists shares advertised by a specific computer or domain, but does not show what the current user context is connected to or has access to.
Concept tested: Windows NET USE command for share enumeration
Source: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/gg651155(v=ws.11)
Topics
Community Discussion
No community discussion yet for this question.