james

adot@kali:~/htb/Classics/Mantis$ rpcclient -U james 10.10.10.52
Password for [WORKGROUP\james]:
rpcclient $> enumdomusers
user:[Administrator] rid:[0x1f4]
user:[Guest] rid:[0x1f5]
user:[krbtgt] rid:[0x1f6]
user:[james] rid:[0x44f]
rpcclient $> enumdomgroups
group:[Enterprise Read-only Domain Controllers] rid:[0x1f2]
group:[Domain Admins] rid:[0x200]
group:[Domain Users] rid:[0x201]
group:[Domain Guests] rid:[0x202]
group:[Domain Computers] rid:[0x203]
group:[Domain Controllers] rid:[0x204]
group:[Schema Admins] rid:[0x206]
group:[Enterprise Admins] rid:[0x207]
group:[Group Policy Creator Owners] rid:[0x208]
group:[Read-only Domain Controllers] rid:[0x209]
group:[DnsUpdateProxy] rid:[0x44e]
rpcclient $> queryuser james
	User Name   :	james
	Full Name   :	James
	Home Drive  :	
	Dir Drive   :	
	Profile Path:	
	Logon Script:	
	Description :	
	Workstations:	
	Comment     :	
	Remote Dial :
	Logon Time               :	Tue, 02 Apr 2024 09:29:34 CDT
	Logoff Time              :	Wed, 31 Dec 1969 18:00:00 CST
	Kickoff Time             :	Wed, 13 Sep 30828 21:48:05 CDT
	Password last set Time   :	Thu, 31 Aug 2017 19:12:02 CDT
	Password can change Time :	Fri, 01 Sep 2017 19:12:02 CDT
	Password must change Time:	Wed, 13 Sep 30828 21:48:05 CDT
	unknown_2[0..31]...
	user_rid :	0x44f
	group_rid:	0x201
	acb_info :	0x00000210
	fields_present:	0x00ffffff
	logon_divs:	168
	bad_password_count:	0x00000000
	logon_count:	0x0000001b
	padding1[0..7]...
	logon_hrs[0..21]...
rpcclient $> querydispinfo 
index: 0xdea RID: 0x1f4 acb: 0x00000210 Account: Administrator	Name: (null)	Desc: Built-in account for administering the computer/domain
index: 0xdeb RID: 0x1f5 acb: 0x00000215 Account: Guest	Name: (null)	Desc: Built-in account for guest access to the computer/domain
index: 0xea6 RID: 0x44f acb: 0x00000210 Account: james	Name: James	Desc: (null)
index: 0xe19 RID: 0x1f6 acb: 0x00020011 Account: krbtgt	Name: (null)	Desc: Key Distribution Center Service Account
