lilith/tldr
1
0
Fork 0
mirror of https://github.com/tldr-pages/tldr.git synced 2025-04-22 08:22:08 +02:00
Code Activity
tldr/pages/common/rpcmap.py.md
Machiavelli 2c4b56ddd5 rpcmap.py: update page
2025-04-09 12:37:32 +02:00

1 KiB
Raw Permalink Blame History

rpcmap.py

Lookup listening MSRPC interfaces using a string binding (e.g., ncacn_ip_tcp:host[port]). Part of the Impacket suite. More information: https://github.com/fortra/impacket.

  • Connect to an MSRPC interface using a string binding (e.g., ncacn_ip_tcp:host[port]):

rpcmap.py {{stringbinding}}

  • Bruteforce UUIDs even if the MGMT interface is available:

rpcmap.py -brute-uuids {{stringbinding}}

  • Bruteforce operation numbers (opnums) for discovered UUIDs:

rpcmap.py -brute-opnums {{stringbinding}}

  • Bruteforce major versions of found UUIDs:

rpcmap.py -brute-versions {{stringbinding}}

  • Specify a target IP address manually:

rpcmap.py -target-ip {{ip_address}} {{stringbinding}}

  • Authenticate to the RPC interface with username and password:

rpcmap.py -auth-rpc {{domain}}/{{username}}:{{password}} {{stringbinding}}

  • Authenticate using NTLM hashes for RPC:

rpcmap.py -hashes-rpc {{LMHASH:NTHASH}} {{stringbinding}}

  • Enable debug output for verbose information:

rpcmap.py -debug {{stringbinding}}