HiveBrain v1.2.0
Get Started
← Back to all entries
snippetbashTip

rpcclient — MS-RPC client tool (part of the samba suite). More information: <https://www.samba.org/samba/docs/cu

Submitted by: @import:tldr-pages··
0
Viewed 0 times
tldrcommand-lineclilinuxrpcclient
thecommandclientrpcclitoolpartrpcclient
linux

Problem

How to use the rpcclient command: MS-RPC client tool (part of the samba suite). More information: <https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html>.

Solution

rpcclient — MS-RPC client tool (part of the samba suite). More information: <https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html>.

Connect to a remote host:
rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{ip_address}}


Connect to a remote host on a domain without a password:
rpcclient {{[-U|--user]}} {{username}} {{[-W|--workgroup]}} {{domain}} {{[-N|--no-pass]}} {{ip_address}}


Connect to a remote host, passing the password hash:
rpcclient {{[-U|--user]}} {{domain}}\{{username}} --pw-nt-hash {{ip_address}}


Execute shell commands on a remote host:
rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{[-c|--command]}} {{semicolon_separated_commands}} {{ip_address}}


Display domain users:
rpcclient %%CODEBLOCK_4%%gt; enumdomusers


Display privileges:
rpcclient %%CODEBLOCK_5%%gt; enumprivs


Display information about a specific user:
rpcclient %%CODEBLOCK_6%%gt; queryuser {{username|rid}}


Create a new user in the domain:
rpcclient %%CODEBLOCK_7%%gt; createdomuser {{username}}

Code Snippets

Connect to a remote host

rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{ip_address}}

Connect to a remote host on a domain without a password

rpcclient {{[-U|--user]}} {{username}} {{[-W|--workgroup]}} {{domain}} {{[-N|--no-pass]}} {{ip_address}}

Connect to a remote host, passing the password hash

rpcclient {{[-U|--user]}} {{domain}}\{{username}} --pw-nt-hash {{ip_address}}

Execute shell commands on a remote host

rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{[-c|--command]}} {{semicolon_separated_commands}} {{ip_address}}

Display domain users

rpcclient $> enumdomusers

Context

tldr-pages: linux/rpcclient

Revisions (0)

No revisions yet.