RDP-3389

Default Port

PORT     STATE SERVICE
3389/tcp open  ms-wbt-server

Scan

  • nmap

nmap --script="rdp-*" -T4 -p 3389 -sV  $IP -oN recon/rdp_port

  • metasploit

msfconsole

msf5 > use auxiliary/scanner/rdp/rdp_scanner
msf5 auxiliary(scanner/rdp/rdp_scanner) > set RHOSTS $IP
msf5 auxiliary(scanner/rdp/rdp_scanner) > set RPORT $port
msf5 auxiliary(scanner/rdp/rdp_scanner) > run

Brute Force

hydra -L /usr/share/metasploit-framework/data/wordlists/common_users.txt -P /usr/share/metasploit-frramework/data/wordlists/unix_passwords.txt rdp://$IP

Connect 

xfreerdp /u:$username /p:$password /v:$IP:$port
PreviousMySQL-3306NextWinRM-5985

Last updated