What is MSRPC
Microsoft Remote Procedure Call, also known as a function call or a subroutine call, is a protocol that uses the client-server model that enables one program to request a service from a program on another computer, without having to understand the details of that computer's network.
Find MSRPC Port
Nmap
nmap -sV -SC IP -p135
- Possible to find MSRPC on an other port
Attack
- User Enumeration
Enum4Linux ---> https://github.com/CiscoCXSecurity/enum4linux
Enum4Linux Commands
-
-U get userlist
-
-M get machine list
-
-N get namelist dump (different from -U and-M)
-
-S get sharelist
-
-P get password policy information
-
-G get group and member list
-
-a all of the above (full basic enumeration)
-
Enumeration PC Element
IOXIDResolver ---> https://github.com/mubix/IOXIDResolver)
- Extra
- In some case, you might found some IPV6 address. Most of the IPV6 address are not setup for firewall since people mostly focus on IPV4