.

[Article]-Tutorial: MS Terminal Server Cracking

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Jan 04, 2007 1:25 pm

[Article]-Tutorial: MS Terminal Server Cracking

We are starting to get used to Chris being more than thorough with the topics he covers in his tutorials. The treatment he gave password cracking in his last article, Tutorial: Rainbow Tables and RainbowCrack, is now done for Terminal Server.

Permanent link to [Article]-Tutorial: MS Terminal Server Cracking, and the intro below:

If you want to do any MS Terminal Server cracking you basically have your choice of three tools that can do it for you; TSgrinder, TScrack, and a patched version of RDesktop. This article and its companion Video: Terminal Server / RDP Password Cracking, takes you step-by-step through the concepts, tools and usage.

TSGrinder is readily available from http://www.hammerofgod.com/download.html. [br /]
TSCrack you’ll have to google for as it is not readily available anymore.[br /]
Rdesktop v1.41 can be downloaded from http://www.rdesktop.org/ and you’ll need the patch from foofus.net http://www.foofus.net/jmk/rdesktop.html.


As always, we appreciate your feedback, viewpoints and recommendations of additional materials.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Jan 04, 2007 1:37 pm

Re: [Article]-Tutorial: MS Terminal Server Cracking

CISSP, MCSE, CSTA, Security+ SME
<<

LSOChris

Post Thu Jan 04, 2007 4:55 pm

Re: [Article]-Tutorial: MS Terminal Server Cracking

dugg
<<

ToniU

Newbie
Newbie

Posts: 1

Joined: Wed Sep 26, 2007 1:10 pm

Post Wed Sep 26, 2007 1:26 pm

Re: [Article]-Tutorial: MS Terminal Server Cracking

Hi, Chris!

I would like to add simple clarification to your tutorial. Googling for “/TSWeb/default.htm” does not enumarate TS servers. Although it is very likely that TS server is available on IP of that web site, this is not always the case. TSWeb only offers ActiveX RDP client. You can use any "TSWeb" URL to connect to any other TS server.

Of course it would be nice, if for every published "cracking" tutorial, you would publish tutorial on how to increase security or reduce attack surface, also. For example, using TLS, multifactor authentication, or third party tools like 2xRDP,...

Toni
<<

LSOChris

Post Wed Sep 26, 2007 5:05 pm

Re: [Article]-Tutorial: MS Terminal Server Cracking

Toni
thanks alot for the clarification.

-Chris

Return to Gates

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software