Brute Forcing User RIDs

for i in $(seq 500 1100);do rpcclient -N -U "" 10.129.14.128 -c "queryuser 0x$(printf '%x\n' $i)" | grep "User Name\|user_rid\|group_rid" && echo "";done

Tools for enum SMB

Impacket - Samrdump.py
smbmap
crackmapexec
enum4linux-ng.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reconnaissance - External.md

Reconnaissance - External.md

Brute Forcing User RIDs

Tools for enum SMB

Files

Reconnaissance - External.md

Latest commit

History

Reconnaissance - External.md

File metadata and controls

Brute Forcing User RIDs

Tools for enum SMB