Building a network map

— . . ~ 80% . , . , , 100% ? Windows.





« »

, Windows , , DCOM RPC.





Remote Procedure Call — (IPC). , .





Distributed Component Object Model — COM , . — DCOM Remote Protocol.





:









? .









— - . RPC . , , . , , .





, , , .





DCOM Offensive BlackHat 2004. , Windows Windows Server 2003. , :





  • ( );





  • ;





  • ScheduledTask, , ;





  • ( ).





, . , 17 , .





3 :





  • Windows 10





  • Windows 7





  • Windows 8





, . Kali Linux. RPC. :





  • nmap script rpcinfo.nse



    - rpc , , ;





  • impacket rpcdump.py



    - rpc ;





  • impacket rpcmap.py



    - endpoint , ;





  • Metasploit module auxiliary/scanner/dcerpc/endpoint_mapper



    - endpoint ;





  • Metasploit module auxiliary/scanner/dcerpc/hidden



    - ;





  • Metasploit module auxiliary/scanner/dcerpc/management



    - RMI DCERPC;





  • Metasploit module auxiliary/scanner/dcerpc/tcp_dcerpc_auditor



    - , DCERPC;





  • IOXIDResolver.py



    - ;





:





Windows 7





nmap:





Metasploit:





The picture shows part of the endpoint services.

Hidden services





Management





TCP auditor





IOXIDResolver:





Windows 8





nmap:





Metasploit:





endpoint_mapper





The picture shows part of the endpoint services.

Hidden services





Management





TCP auditor





IOXIDResolver:





Windows 10





nmap:





Metasploit:





The picture shows part of the endpoint services.

Hidden services





Management





TCP auditor





IOXIDResolver:





, . IOXIDResolver , , , .






, «. ». , , .







