The Ethical Hacker Network - [Article]-Tutorial: MS Terminal Server Cracking

Latest Additions

Who's Online

EH-Net Donations

EH-Net News Feeds

Latest Additions

Google Ads

Book Recommendations

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 3113

Editor-In-Chief

[Article]-Tutorial: MS Terminal Server Cracking

« on: January 04, 2007, 12:25:08 PM »

We are starting to get used to Chris being more than thorough with the topics he covers in his tutorials. The treatment he gave password cracking in his last article, Tutorial: Rainbow Tables and RainbowCrack, is now done for Terminal Server.

Permanent link to [Article]-Tutorial: MS Terminal Server Cracking, and the intro below:

Quote

If you want to do any MS Terminal Server cracking you basically have your choice of three tools that can do it for you; TSgrinder, TScrack, and a patched version of RDesktop. This article and its companion Video: Terminal Server / RDP Password Cracking, takes you step-by-step through the concepts, tools and usage.

TSGrinder is readily available from http://www.hammerofgod.com/download.html.

TSCrack you’ll have to google for as it is not readily available anymore.

Rdesktop v1.41 can be downloaded from http://www.rdesktop.org/ and you’ll need the patch from foofus.net http://www.foofus.net/jmk/rdesktop.html.

As always, we appreciate your feedback, viewpoints and recommendations of additional materials.

Don


	Logged

CISSP, MCSE, CEH, Security+ SME

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 3113

Editor-In-Chief

Re: [Article]-Tutorial: MS Terminal Server Cracking

« Reply #1 on: January 04, 2007, 12:37:20 PM »

Submitted to digg:

http://www.digg.com/security/Tutorial_MS_Terminal_Server_Cracking

Don


	Logged

CISSP, MCSE, CEH, Security+ SME

ChrisG

EH-Net Columnist
Hero Member

Offline

Posts: 1153

Re: [Article]-Tutorial: MS Terminal Server Cracking

« Reply #2 on: January 04, 2007, 03:55:33 PM »

dugg


	Logged

...tests i took go here...

http://carnal0wnage.attackresearch.com/

ToniU

Newbie

Offline

Posts: 1

Re: [Article]-Tutorial: MS Terminal Server Cracking

« Reply #3 on: September 26, 2007, 01:26:47 PM »

Hi, Chris!

I would like to add simple clarification to your tutorial. Googling for “/TSWeb/default.htm” does not enumarate TS servers. Although it is very likely that TS server is available on IP of that web site, this is not always the case. TSWeb only offers ActiveX RDP client. You can use any "TSWeb" URL to connect to any other TS server.

Of course it would be nice, if for every published "cracking" tutorial, you would publish tutorial on how to increase security or reduce attack surface, also. For example, using TLS, multifactor authentication, or third party tools like 2xRDP,...

Toni