RPC

rpcclient -U="%" -N 10.10.10.204
rpcclient -U'' -N <IP>

Query Info

Query	Info
`srvinfo`	Server information.
`enumdomains`	Enumerate all domains that are deployed in the network.
`querydominfo`	Provides domain, server, and user information of deployed domains.
`netshareenumall`	Enumerates all available shares.
`netsharegetinfo <share>`	Provides information about a specific share.
`enumdomusers`	Enumerates all domain users.
`queryuser <RID>`	Provides information about a specific user.
`querygroup`

srvinfo

Server information.

enumdomains

Enumerate all domains that are deployed in the network.

querydominfo

Provides domain, server, and user information of deployed domains.

netshareenumall

Enumerates all available shares.

netsharegetinfo <share>

Provides information about a specific share.

enumdomusers

Enumerates all domain users.

queryuser <RID>

Provides information about a specific user.

querygroup

Source: Hack The Box Academy

Check for shares to mount

showmount -e 10.10.10.6

Last updated 1 year ago