Buy me a tea

RPC

  • Usually on port 135, 593

Enumerate RPC

rpcclient

  • rpcclient -U "" -c "enumdomusers" -N 10.10.10.161 enumerate users

  • rpcclient -U "" -c "enumprivs" -N 10.10.10.161 enumerate privileges

  • Get domain info rpcclient -U "" -c "querydominfo" -N 10.10.10.161

  • rpcclient -U "" -c "enumdomgroups" -N 10.10.10.161 enumerate group

Resources

LogoActive Directory Enumeration: RPCClientHacking Articles
Active Directory Enumeration: RPCClient
Logo135, 593 - Pentesting MSRPC - HackTricksbook.hacktricks.xyz
Pentesting MSRPC
PreviousRDPNextRservices

Last updated