Does Psexec execute Remote Procedure Calls?
12,452
Yes. Psexec issues a remote procedure call to start up the specified process on the foreign machine with the credentials provided.
Although traditionally 445 is used for SMB and 135 is used for DCOM, both can be used by RPC depending on the specifics of the protocol and the objects that are being remotely used.
For this reason it is particularly important that ports 135 and 445 are blocked from the Internet zone.
Related videos on Youtube
14 : 32
Remote Procedure Calls (RPC)
19 : 45
Distributed Systems 1.3: RPC (Remote Procedure Call)
09 : 16
What is RPC?
06 : 26
Remote Process Execution using PowerShell and PSExec
01 : 30
Does Psexec execute Remote Procedure Calls?
Author by
JohnnyFromBF
Updated on September 18, 2022Comments
-
JohnnyFromBF over 1 year
I've heard of RPCs and that they get executed via TCP port 135. I just executed
ipconfigviapsexec.exeon a remote PC and wondered if this is a RPC. As I've seen in Wireshark, the whole process is beeing done via SMB port 445 not DCE/RPC port 135.So I don't really get what a RPC is? Do you guys have any examples for an RPC?