3389 - Pentesting RDP

RDP (Remote Desktop Protocol) is a protocol developed by Microsoft that allows users to remotely access and control another computer over a network. It is used to establish a graphical user interface (GUI) connection between two computers, allowing the user to access resources on the remote computer as if they were on their own local system.

nmap


sudo nmap --script "rdp-enum-encryption or rdp-vuln-ms12-020 or rdp-ntlm-info" -p 3389 -T4 -Pn $IP

Connect with known credentials/hash

rdesktop

rdesktop $IP -u <username>
rdesktop -d <domain> -u <username> -p <password> <IP>

xfreerdp

xfreerdp [/d:domain] /u:<username> /p:<password> /v:<IP>
xfreerdp [/d:domain] /u:<username> /pth:<hash> /v:<IP>

xfreerdp /u:admin /p:123456 /cert:ignore /v:10.11.1.7 /w:2000 /h:900