PORT 3389/tcp RDP
Introduction
Remote Desktop Protocol is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software
Enumeration
With nmap we can enumerate the service a little bit, and obtain information such as the DOMAIN or the HOSTNAME. Also checks available encryption and DoS vulnerabilities.
Checking Credentials
With rdp_check
we can check credentials.
Connect via RDP
rdesktop
xfreerdp
xfreerdp is an X11 Remote Desktop Protocol (RDP) client which is part of the FreeRDP project. An RDP server is built-in to many editions of Windows. Alternative servers included xrdp and VRDP (VirtualBox).
Connect RDP via pass the hash.
Other configurations.
Post Exploitation
With mimikatz
is possible to obtain the current sessions and connect it. Check section **Hijacking RDP Session
** to more info.
Enable RDP
When we fully compromised the server we can enable RDP.
And add the user or group to the Remote Desktop Users group.
Last updated