RPC Enumeration
To connect to rpc client as anonymous user
rpcclient -U "" <ip>To enumerate
enumdomusers #get users
enumprinters
querydispinfo #users and user infoTo add users to a userlist file:
rpcclient -U "" <ip> -N -c "enumdomusers" | grep -oP '\[.*?\]' | grep "0x" -v | tr -d '[]' > userlist.txtThen spray passwords and try Asreproasting with kerbrute
Last updated
Was this helpful?