👨‍💻
Pentesting
  • Prerequisite
  • Penetration Testing Stages
  • Enumeration/Scanning
    • Nmap
    • Netdiscover
  • Web Attack
    • Ffuf
    • Dirb
    • GoBuster
    • Dirsearch
    • FeroxBuster
    • Wfuzz
    • Nikto
  • SSH
    • Download File
  • Transporting Files
    • Windows
    • Linux
  • Port Forwarding & Pivoting
  • Pwncat
  • SMB
    • SmbClient
    • SmbMap
  • SQL Injection
  • Reverse Shells
    • PHP Pentest Monkey
    • Bash
    • PHP
      • Voting System 1.0 - Remote Code Execution (Unauthenticated)
    • Netcat
    • Python
    • Nishang
  • Impacket
    • psexec.py
    • wmiexec.py
    • secretsdump.py
    • impacket-smbserver
    • GetUserSPNs.py
  • Active Directory Attacks
    • Enum4linux
    • Kerbrute
    • Responder.py
    • RPCclient
    • Crackmapexec
    • BloodHound-Python
    • Powerview.ps1
    • GetUserSPNs.py
    • SharpHound.ps1
    • Mimikatz
    • Metasploit
  • Password Cracking
    • Hydra
      • FTP
      • SSH
      • HTTP
    • Hashcat
    • John The Ripper
      • Jumbo John
  • Powershell
    • Secure String Powershell
  • MSFVenom
    • MSFVenom Payload
    • Multihandler Listener
    • AlwaysInstallElevated
  • Meterpreter
  • Privilege Escalation
    • Linux
      • GTFOBins
      • linPEAS
    • Windows
      • LOLBAS
      • winPEAS
      • AlwaysInstallElevated
      • System Enumeration
      • User Enum
      • Network Enumeration
  • WordPress
    • Wpscan
Powered by GitBook
On this page
  • Logging and Server Information
  • Domain Information Query
  • Enumerating Domain Users
  • Enumerating Domain Groups
  • Group Queries
  • User Queries
  • Enumerating Privileges
  • Net Share Enumeration
  • Enumerating Domains
  • Domain Lookup
  1. Active Directory Attacks

RPCclient

PreviousResponder.pyNextCrackmapexec

Last updated 2 years ago

Logging and Server Information

rpcclient

rpcclient -U Administrator%domain.local 192.168.1.172

Domain Information Query

querydominfo

Enumerating Domain Users

enumdomusers

Enumerating Domain Groups

enumdomgroups

Group Queries

querygroup 0x200

User Queries

queryuser <username>

Enumerating Privileges

enumprivs

Net Share Enumeration

netshareenum
netshareenumall

Enumerating Domains

enumdomains

Domain Lookup

lookupdomain <domain_name>
Active Directory Enumeration: RPCClient - Hacking ArticlesHacking Articles
Active Directory Enumeration: RPCClient
Logo