x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/2.Scanning-and-Enumeration/3.Ports/Ports-Links/135-MSRPC/MSRPC.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

1.3 KiB
Raw Blame History

What is MSRPC

Microsoft Remote Procedure Call, also known as a function call or a subroutine call, is a protocol that uses the client-server model that enables one program to request a service from a program on another computer, without having to understand the details of that computer's network.

Find MSRPC Port

Nmap

nmap -sV -SC IP -p135
  • Possible to find MSRPC on an other port

Attack

  • User Enumeration
Enum4Linux          ---> https://github.com/CiscoCXSecurity/enum4linux

Enum4Linux Commands

  • -U             get userlist

  • -M             get machine list

  • -N             get namelist dump (different from -U and-M)

  • -S             get sharelist

  • -P             get password policy information

  • -G             get group and member list

  • -a             all of the above (full basic enumeration)

  • Enumeration PC Element

IOXIDResolver ---> https://github.com/mubix/IOXIDResolver)
  • Extra
    • In some case, you might found some IPV6 address. Most of the IPV6 address are not setup for firewall since people mostly focus on IPV4