msrpc (Microsoft Remote Procedure Call)

Description

Enumeration

rpcclient $IP

Sometimes the host is old enough to be vulnerable to a Null Session Attack, so it is always a good idea to try connecting via RPC with a null username and password:

rpcclient -N -U "" $IP

Once a session is successfully created, the help command lists the available rpcclient commands. rpcclient also has autocompletion.
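
From the defender's side, null-session use of RPC shows up in Windows Security logs as the anonymous account opening named pipes on IPC$. The following is an added example, not part of the original notes: it assumes events 4624 and 5145 have been exported as JSON-style records (5145 is only logged when the Detailed File Share audit subcategory is enabled), and the function name and sample events are constructed for illustration.

```python
from collections import defaultdict

ANONYMOUS_SID = "S-1-5-7"                  # well-known SID of ANONYMOUS LOGON
ENUM_PIPES = {"samr", "lsarpc", "srvsvc"}  # pipes exposing account, policy and share data

def find_null_session_activity(events):
    """Return {source_ip: sorted pipe names} for anonymous RPC pipe access.

    An anonymous network logon (4624, logon type 3) on its own is common
    noise, so a source is reported only when the same address also opens
    one of ENUM_PIPES on IPC$ as the anonymous user (5145).
    """
    anon_logon_ips = set()
    pipes_by_ip = defaultdict(set)
    for ev in events:
        eid = ev.get("EventID")
        if (eid == 4624 and ev.get("TargetUserSid") == ANONYMOUS_SID
                and str(ev.get("LogonType")) == "3"):
            anon_logon_ips.add(ev.get("IpAddress"))
        elif eid == 5145 and ev.get("SubjectUserSid") == ANONYMOUS_SID:
            share = ev.get("ShareName", "").upper()
            pipe = ev.get("RelativeTargetName", "").lower()
            if share.endswith("IPC$") and pipe in ENUM_PIPES:
                pipes_by_ip[ev.get("IpAddress")].add(pipe)
    return {ip: sorted(p) for ip, p in pipes_by_ip.items()
            if ip in anon_logon_ips}

# Constructed sample events (not real logs). Field names follow Windows
# Security events 4624 and 5145; addresses are documentation ranges.
USER_SID = "S-1-5-21-1111111111-2222222222-3333333333-1104"  # constructed
SAMPLE_EVENTS = [
    {"EventID": 4624, "TargetUserSid": "S-1-5-7", "LogonType": 3,
     "IpAddress": "192.0.2.10"},
    {"EventID": 5145, "SubjectUserSid": "S-1-5-7", "ShareName": "\\\\*\\IPC$",
     "RelativeTargetName": "samr", "IpAddress": "192.0.2.10"},
    {"EventID": 5145, "SubjectUserSid": "S-1-5-7", "ShareName": "\\\\*\\IPC$",
     "RelativeTargetName": "lsarpc", "IpAddress": "192.0.2.10"},
    # Anonymous logon with no pipe access: not reported.
    {"EventID": 4624, "TargetUserSid": "S-1-5-7", "LogonType": 3,
     "IpAddress": "192.0.2.20"},
    # Authenticated user querying samr: not a null session.
    {"EventID": 4624, "TargetUserSid": USER_SID, "LogonType": 3,
     "IpAddress": "192.0.2.30"},
    {"EventID": 5145, "SubjectUserSid": USER_SID, "ShareName": "\\\\*\\IPC$",
     "RelativeTargetName": "samr", "IpAddress": "192.0.2.30"},
]

if __name__ == "__main__":
    for ip, pipes in find_null_session_activity(SAMPLE_EVENTS).items():
        print(f"null-session pipe access from {ip}: {', '.join(pipes)}")
```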

Exploitation