tldr/pages/linux/rpcclient.md

37 lines
919 B
Markdown
Raw Permalink Normal View History

2020-10-24 13:06:56 +01:00
# rpcclient
> MS-RPC client tool (part of the samba suite).
> More information: <https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html>.
- Connect to a remote host:
`rpcclient --user {{domain}}\{{username}}%{{password}} {{ip}}`
- Connect to a remote host on a domain without a password:
`rpcclient --user {{username}} --workgroup {{domain}} --no-pass {{ip}}`
- Connect to a remote host, passing the password hash:
`rpcclient --user {{domain}}\{{username}} --pw-nt-hash {{ip}}`
- Execute shell commands on a remote host:
`rpcclient --user {{domain}}\{{username}}%{{password}} --command {{semicolon_separated_commands}} {{ip}}`
- Display domain users:
`rpcclient $> enumdomusers`
- Display privileges:
`rpcclient $> enumprivs`
- Display information about a specific user:
`rpcclient $> queryuser {{username|rid}}`
- Create a new user in the domain:
`rpcclient $> createdomuser {{username}}`