Microsoft Remote Procedure Call (MSRPC) is a protocol that uses the client-server model to let one program request a service from a program on another computer without having to understand the details of that computer's network.
Depending on the host configuration, the RPC endpoint mapper can be accessed through TCP and UDP port 135, via SMB with a null or authenticated session (TCP 139 and 445), and as a web service listening on TCP port 593.
- Port Authority Database
- HackTricks
- Remote Procedure Call (RPC) (TechTarget)
Enumeration
Nmap
ls -la /usr/share/nmap/scripts/rpc*
nmap -sV -p 135,593 --script='rpc*' $IP -oA nmap-rpc
Impacket
impacket-rpcdump -h
impacket-rpcdump $IP -port 135
impacket-rpcdump $IP -port 593
impacket-rpcdump $IP > rpc.txt
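To review what the saved rpc.txt exposes, the listing can be split into interfaces bound to network transports and those bound only to local RPC (ncalrpc). The Python script below is an added example, not part of the original notes or of Impacket; the Protocol/Provider/UUID/Bindings text layout it parses is assumed from rpcdump's output, and the sample data (UUIDs, host and provider names) is constructed.

```python
import re
from collections import defaultdict
NETWORK_TRANSPORTS = {"ncacn_ip_tcp", "ncadg_ip_udp", "ncacn_np", "ncacn_http"}  # ncalrpc is local-only
BINDING_RE = re.compile(r"^\s+(?P<transport>[a-z_]+):(?P<host>[^\[]*)\[(?P<endpoint>.*)\]\s*$")
# Constructed sample in the assumed rpcdump layout (UUIDs and names are made up).
SAMPLE = r"""Protocol: N/A
Provider: svc-a.exe
UUID    : 11111111-2222-3333-4444-555555555555 v1.0
Bindings:
          ncacn_ip_tcp:10.0.0.5[49664]
          ncalrpc:[LRPC-constructed-a]
          ncacn_np:\\HOST01[\PIPE\constructed]

Protocol: N/A
Provider: svc-b.dll
UUID    : 66666666-7777-8888-9999-AAAAAAAAAAAA v2.0
Bindings:
          ncalrpc:[LRPC-constructed-b]
"""

def parse_rpcdump(text):
    """Return one dict per interface: protocol, provider, uuid, bindings."""
    entries, cur = [], None
    for line in text.splitlines():
        if line.startswith("Protocol:"):
            cur = {"protocol": line[9:].strip(), "provider": "", "uuid": "", "bindings": []}
            entries.append(cur)
        elif cur is None:
            continue  # banner/status lines before the first entry
        elif line.startswith("Provider:"):
            cur["provider"] = line.split(":", 1)[1].strip()
        elif line.startswith("UUID"):
            cur["uuid"] = line.split(":", 1)[1].strip()
        elif (m := BINDING_RE.match(line)):
            cur["bindings"].append((m["transport"], m["host"], m["endpoint"]))
    return entries

def network_exposed(entries):
    """Map each network transport to the sorted (uuid, endpoint) pairs bound to it."""
    out = defaultdict(set)
    for e in entries:
        for transport, _host, endpoint in e["bindings"]:
            if transport in NETWORK_TRANSPORTS:
                out[transport].add((e["uuid"], endpoint))
    return {t: sorted(v) for t, v in out.items()}

if __name__ == "__main__":
    for transport, items in network_exposed(parse_rpcdump(SAMPLE)).items():
        print(transport, items)
```

For real output, pass the contents of rpc.txt to parse_rpcdump() in place of SAMPLE.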