Microsoft's Remote Procedure Call (RPC)
RPC is a protocol that enables a client application to call a function on a remote server as if it were a local function call.
Port: 135 UDP | RFC:1831
OSI Layer: 7 (Application Layer)
Cyber Security Stance:
Designed by Vivekanand Padala
Protocol Overview
Microsoft's implementation of RPC is used in a wide range of Windows networking applications and services, including Active Directory, DCOM, and the Windows Management Instrumentation (WMI) system.
The RPC protocol supports a variety of transports, including TCP/IP, named pipes, and NetBIOS. It also supports different data encoding formats, including ASCII, Unicode, and binary.
Microsoft's implementation includes features such as security, error handling, and threading support. Security is provided through the use of authentication and encryption mechanisms, such as Kerberos and NTLM. Error handling includes support for detecting and recovering from network failures and other errors. Threading support allows multiple RPC requests to be handled simultaneously on the server.
RPC workflow
- The client application calls a local function and passes the necessary parameters. The application does not need to know anything about the remote server or its location.
- The client's RPC runtime library generates an RPC request message, which contains the following information:
  - The unique identifier of the server application function to be called.
  - The parameters to be passed to the server function.
  - Any authentication and security information.
- The RPC request message is sent to the server. The message is transmitted using a transport protocol such as TCP/IP or named pipes.
- The server's RPC runtime library receives the request message and passes it to the appropriate server application function based on the function identifier contained in the message.
- The server's application function executes, and any results are returned to the RPC runtime library.
- The server's RPC runtime library sends the results back to the client's RPC runtime library using the same transport protocol used to send the request.
- The client's RPC runtime library receives the results and returns them to the calling application.
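The request message from the second step can be inspected on the wire. The following is an added example, not code from this page or from Microsoft: it parses a connection-oriented DCE/RPC request PDU (the format MSRPC uses over TCP and named pipes, a layout the page itself does not spell out) into the function identifier (`opnum`), the marshalled parameters (stub data) and the authentication information. `build_sample` is a hypothetical helper that produces constructed PDUs, and all byte values are made up for the demonstration.

```python
import struct

AUTH_TYPES = {9: "SPNEGO", 10: "NTLM", 16: "Kerberos"}
AUTH_LEVELS = {1: "none", 2: "connect", 3: "call", 4: "packet",
               5: "packet integrity", 6: "packet privacy"}
PFC_OBJECT_UUID = 0x80  # header flag: a 16-byte object UUID follows opnum


def parse_request(pdu: bytes) -> dict:
    """Split a request PDU into function id, parameters and security info."""
    if len(pdu) < 24:
        raise ValueError("shorter than a request header")
    ver, _minor, ptype, flags = struct.unpack_from("4B", pdu, 0)
    if ver != 5 or ptype != 0:  # ptype 0 = request
        raise ValueError("not a connection-oriented request PDU")
    end = "<" if pdu[4] & 0x10 else ">"  # data representation: integer byte order
    frag_len, auth_len, call_id = struct.unpack_from(end + "HHI", pdu, 8)
    if frag_len != len(pdu):
        raise ValueError("frag_length does not match PDU size")
    _hint, context_id, opnum = struct.unpack_from(end + "IHH", pdu, 16)
    body = 24 + (16 if flags & PFC_OBJECT_UUID else 0)
    info = {"call_id": call_id, "context_id": context_id, "opnum": opnum,
            "auth_type": None, "auth_level": "none"}
    stub_end = frag_len
    if auth_len:
        trailer = frag_len - auth_len - 8  # 8-byte security trailer
        if trailer < body:
            raise ValueError("auth_length exceeds fragment")
        a_type, a_level, pad = struct.unpack_from("3B", pdu, trailer)
        info["auth_type"] = AUTH_TYPES.get(a_type, f"unknown({a_type})")
        info["auth_level"] = AUTH_LEVELS.get(a_level, f"unknown({a_level})")
        stub_end = max(body, trailer - pad)
    info["stub"] = pdu[body:stub_end]  # marshalled parameters
    return info


def build_sample(opnum: int, stub: bytes, auth: bytes = b"") -> bytes:
    """Constructed little-endian request PDU (not captured traffic)."""
    pad = b"\x00" * (-len(stub) % 4) if auth else b""
    trailer = struct.pack("<4BI", 10, 6, len(pad), 0, 0) + auth if auth else b""
    frag_len = 24 + len(stub) + len(pad) + len(trailer)
    hdr = struct.pack("<4B4sHHI", 5, 0, 0, 0x03, b"\x10\x00\x00\x00",
                      frag_len, len(auth), 1)
    return hdr + struct.pack("<IHH", len(stub), 0, opnum) + stub + pad + trailer


if __name__ == "__main__":
    print(parse_request(build_sample(7, b"\x01\x02\x03\x04\x05", b"S" * 16)))
    print(parse_request(build_sample(3, b"\xaa\xbb")))
```

A request that parses with `auth_level` of `none` or `connect` carries its parameters without per-packet integrity or encryption, which is the case worth flagging when reviewing RPC traffic.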