|
Title: [Article]-Tutorial: MS Terminal Server Cracking Post by: don on January 04, 2007, 12:25:08 PM We are starting to get used to Chris being more than thorough with the topics he covers in his tutorials. The treatment he gave password cracking in his last article, Tutorial: Rainbow Tables and RainbowCrack (http://www.ethicalhacker.net/content/view/94/24/), is now done for Terminal Server.
Permanent link to [Article]-Tutorial: MS Terminal Server Cracking (http://www.ethicalhacker.net/content/view/106/24/), and the intro below: Quote If you want to do any MS Terminal Server cracking you basically have your choice of three tools that can do it for you; TSgrinder, TScrack, and a patched version of RDesktop. This article and its companion Video: Terminal Server / RDP Password Cracking (http://www.ethicalhacker.net/content/view/105/24/), takes you step-by-step through the concepts, tools and usage. TSGrinder is readily available from http://www.hammerofgod.com/download.html (http://www.hammerofgod.com/download.html). TSCrack you’ll have to google for as it is not readily available anymore. Rdesktop v1.41 can be downloaded from http://www.rdesktop.org/ (http://www.rdesktop.org/) and you’ll need the patch from foofus.net http://www.foofus.net/jmk/rdesktop.html (http://www.foofus.net/jmk/rdesktop.html). As always, we appreciate your feedback, viewpoints and recommendations of additional materials. Don Title: Re: [Article]-Tutorial: MS Terminal Server Cracking Post by: don on January 04, 2007, 12:37:20 PM Submitted to digg:
http://www.digg.com/security/Tutorial_MS_Terminal_Server_Cracking Don Title: Re: [Article]-Tutorial: MS Terminal Server Cracking Post by: LSOChris on January 04, 2007, 03:55:33 PM dugg
Title: Re: [Article]-Tutorial: MS Terminal Server Cracking Post by: ToniU on September 26, 2007, 01:26:47 PM Hi, Chris!
I would like to add simple clarification to your tutorial. Googling for “/TSWeb/default.htm” does not enumarate TS servers. Although it is very likely that TS server is available on IP of that web site, this is not always the case. TSWeb only offers ActiveX RDP client. You can use any "TSWeb" URL to connect to any other TS server. Of course it would be nice, if for every published "cracking" tutorial, you would publish tutorial on how to increase security or reduce attack surface, also. For example, using TLS, multifactor authentication, or third party tools like 2xRDP,... Toni Title: Re: [Article]-Tutorial: MS Terminal Server Cracking Post by: LSOChris on September 26, 2007, 05:05:32 PM Toni
thanks alot for the clarification. -Chris
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |