Categories
Infrastructure

Bypass RPC Portmapper Filtering

Portmapper is a registry of Remote Procedure Call services including RPC Services number, version number, TCP/UDP port and protocol. It generally runs on port 111 TCP/UDP.

When a client wishes to connect to a service they first connect to the Portmapper, an administrator may filter this port beliving that it will prevent an attacker connecting to services offered, however this is not the case as an attacker may replicate the portmapper locally and proxy requests to the target machine.