Attack Vector for RDP

Viewing 2 reply threads
  • Author
    Posts
    • #8303
      24772433
      Participant

      OK, to be clear, this is purely hypothetical and only for lab testing.

      If a Windows Server only has port 3389 open, given that no remote code exploit for MS12-020 has yet to manifest itself, what are the available attack vectors? Brute force?

      Thanks. 

    • #52312
      Dark_Knight
      Participant

      tsgrinder maybe….ncrack also now supports terminal services cracking…….anybody use these with success ?

    • #52313
      dynamik
      Participant

      I usually just try SMB because it’s so much faster and uses the same account database. The only time I usually see RDP open when SMB isn’t is for jump boxes, and those are usually configured to use multi-factor authentication, so there’s no real point in trying a password-guessing attack.

      If you can MitM with Cain, it’ll try to drop the security level of the RDP session, and if successful, can capture RDP network communications in clear-text.

Viewing 2 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?