Options (4)
-U, --userbooleanConnect to a remote host
Example:
rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{ip_address}}-W, --workgroupbooleanConnect to a remote host on a domain without a password
Example:
rpcclient {{[-U|--user]}} {{username}} {{[-W|--workgroup]}} {{domain}} {{[-N|--no-pass]}} {{ip_address}}-N, --no-passbooleanConnect to a remote host on a domain without a password
Example:
rpcclient {{[-U|--user]}} {{username}} {{[-W|--workgroup]}} {{domain}} {{[-N|--no-pass]}} {{ip_address}}-c, --commandbooleanExecute shell commands on a remote host
Example:
rpcclient {{[-U|--user]}} {{domain}}\{{username}}%{{password}} {{[-c|--command]}} {{semicolon_separated_commands}} {{ip_address}}Examples (8)
Connect to a remote host
rpcclient [-U|--user] domain\username%password ip_addressConnect to a remote host on a domain without a password
rpcclient [-U|--user] username [-W|--workgroup] domain [-N|--no-pass] ip_addressConnect to a remote host, passing the password hash
rpcclient [-U|--user] domain\username --pw-nt-hash ip_addressExecute shell commands on a remote host
rpcclient [-U|--user] domain\username%password [-c|--command] semicolon_separated_commands ip_addressDisplay domain users
rpcclient $> enumdomusersDisplay privileges
rpcclient $> enumprivsDisplay information about a specific user
rpcclient $> queryuser username|ridCreate a new user in the domain
rpcclient $> createdomuser usernamemade by @shridhargupta | data from tldr-pages