RPC

Search dcerpc

use auxiliary/scanner/dcerpc/endpoint_mapper

use auxiliary/scanner/dcerpc/hidden

rpcmap.py 'ncanc_ip_tcp:10.0.0.1'

rpcmap.py 'ncanc_ip_tcp:10.0.0.1' -h

rpcmap.py 'ncanc_ip_tcp:10.0.0.1' -brute_uuids -brute_opnums -auth-level 1 -opnum-max 10 (up to 100)

look for success and google UUID's

copy python2 script from site and update

print 'IOXIDResolver.py -t ' <target>'

print ('IOXIDResolver.py -t ' <target>')

python3 IOXIDResolver.py -t 10.0.0.1

set local host for ipv6

nmap -6 -sC -sV -O -v -oA ./htb/apt-ipv6.n

Last updated 2 years ago