search

TCP: RPC - 135 / 593

hashtag
Connection

hashtag
Anonymous Login

rpcclient -U "" -N <Target IP Address>
rpcclient -U "" <Target IP Address>

hashtag
Guest Login

rpcclient -U "guest" <Target IP Address>

hashtag
Enumerate

NOTE: The following can only be executed if you are in RPC console

Enumerate domain users

enumdomusers

NOTE: The above command returns RID

Get group info

enumdomgroups
querygroup <RID>

Dump detailed user info

Get domain policy

PreviousTCP: RDP - 3389NextTCP: Evil-WinRM - 5985 / 5986

Last updated