search
githubEdit

gRPC Pentesting

hashtag
Default port: 50051

hashtag
Tools: grpcurl https://github.com/fullstorydev/grpcurl/releases

hashtag
Commands:

hashtag
1) List the server's services

grpcurl -plaintext TARGET_IP:PORT list

hashtag
2) List the methods of a specific service

grpcurl -plaintext TARGET_IP:PORT list SERVICE

hashtag
3) Obtain further information on the specific service or method

grpcurl -plaintext TARGET_IP:PORT describe SERVICE

hashtag
4) Submit data to a specific endpoint

grpcurl -plaintext -vv -format text -d 'USERNAME: "USER", PASSWORD: "PASS"' TARGET_IP:PORT ENDPOINT

hashtag
5)

grpcurl -plaintext -format text -H 'HEADER:WHATEVER' -d 'DATA: "DATA"' TARGET_IP:PORT ENDPOINT
PreviousExtensible Messaging and Presence Protocol XMPP (Jabber) Penetration TestingNextCI\CD Tools

Last updated