rpcclient
MS-RPC client tool (part of the samba suite). More information: <https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html>.
Install
- All systems
-
curl cmd.cat/rpcclient.sh
- Debian
-
apt-get install smbclient - Ubuntu
-
apt-get install smbclient - Arch Linux
-
pacman -S smbclient - Kali Linux
-
apt-get install smbclient - CentOS
-
yum install samba4-client - Fedora
-
dnf install samba-client-2 - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install smbclient - Raspbian
-
apt-get install smbclient - Dockerfile
- dockerfile.run/rpcclient
MS-RPC client tool (part of the samba suite). More information: <https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html>.
-
Connect to a remote host:
rpcclient --user domain\username%password ip -
Connect to a remote host on a domain without a password:
rpcclient --user username --workgroup domain --no-pass ip -
Connect to a remote host, passing the password hash:
rpcclient --user domain\username --pw-nt-hash ip -
Execute shell commands on a remote host:
rpcclient --user domain\username%password --command semicolon_separated_commands ip -
Display domain users:
rpcclient $> enumdomusers -
Display privileges:
rpcclient $> enumprivs -
Display information about a specific user:
rpcclient $> queryuser username|rid -
Create a new user in the domain:
rpcclient $> createdomuser username
© tl;dr; authors and contributors