Total OSCP GuidePayloads All The Things

RPC Enumeration

To connect to rpc client as anonymous user

rpcclient -U "" <ip>

To enumerate

enumdomusers #get users
enumprinters
querydispinfo #users and user info

To add users to a userlist file:

rpcclient -U "" <ip> -N -c "enumdomusers" | grep -oP '\[.*?\]' | grep "0x" -v | tr -d '[]' > userlist.txt

Then spray passwords and try Asreproasting with kerbrute

PreviousTFTP EnumerationNextPostgres Enumeration

Last updated