search
Buy me a tea

RPC

  • Usually on port 135, 593

hashtag
Enumerate RPC

hashtag
rpcclient

  • rpcclient -U "" -c "enumdomusers" -N 10.10.10.161 enumerate users

  • rpcclient -U "" -c "enumprivs" -N 10.10.10.161 enumerate privileges

  • Get domain info rpcclient -U "" -c "querydominfo" -N 10.10.10.161

  • rpcclient -U "" -c "enumdomgroups" -N 10.10.10.161 enumerate group

hashtag
Resources

LogoActive Directory Enumeration: RPCClientHacking Articleschevron-right
Active Directory Enumeration: RPCClient
Logo135, 593 - Pentesting MSRPC - HackTricksbook.hacktricks.xyzchevron-right
Pentesting MSRPC
PreviousRDPNextRservices

Last updated