[Legion Leak] Pentesting | Hacking RDP Logins 07-30-2013, 03:29 AM
#1
This post is leaked from the premium section of "Legion" on the competing hack forum. There will be 5 new leaks a day. There may be some format problems due to UTF8 character encoding.
(07-10-2013, 01:16 PM)Greyhat.Infiltrator Wrote:
Overview:
The aim of this tutorial is to demonstrate how easy it is for an attacker to gain remote access to a machine that has the RDP protocol enabled.
For this type of attack to work, the host must at least be configured with a weak password and no account lockout policy at all.
Requirements:
- A vulnerable host
- Nmap
- Ncrack
- A good wordlist
Carrying out the attack:
1) Let's first run Nmap to find our target. Note, the target must have port 3389 open, or this attack won't succeed.
2) Once we've identified which target has the RDP protocol enabled, we run Ncrack against it.
Mitigating RDP attacks:
1) Ensure account lockout policy is in place.
2) Use a long and strong password.
3) Do not use RDP over the internet; first establish a VPN connection into your network and then RDP into your host.
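
Added example, not part of the original post: a defender-side detector for the password guessing described above, run over failed and successful logon events. The record layout, the sample lines, and the threshold and window values are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample (not real logs): time, Security event ID, logon type, source,
# account. 4625 = failed logon, 4624 = successful logon. Type 10 is RemoteInteractive
# (RDP); type 3 (network) is how RDP attempts appear with Network Level Authentication.
SAMPLE = """\
2013-07-10T13:00:01,4625,3,203.0.113.7,administrator
2013-07-10T13:00:03,4625,3,203.0.113.7,administrator
2013-07-10T13:00:05,4625,3,203.0.113.7,administrator
2013-07-10T13:00:06,4625,2,-,alice
2013-07-10T13:00:07,4625,3,203.0.113.7,administrator
2013-07-10T13:00:09,4625,3,203.0.113.7,administrator
2013-07-10T13:00:11,4625,3,203.0.113.7,administrator
2013-07-10T13:02:30,4625,10,198.51.100.20,bob
2013-07-10T13:02:41,4624,10,198.51.100.20,bob
2013-07-10T13:05:00,4624,10,203.0.113.7,administrator
"""
RDP_LOGON_TYPES = {3, 10}

def parse(text):
    for line in text.strip().splitlines():
        ts, event_id, logon_type, src, user = line.split(",")
        yield datetime.fromisoformat(ts), int(event_id), int(logon_type), src, user

def detect(text, threshold=5, window=timedelta(minutes=1)):
    """Return (kind, source, account, time) alerts; threshold/window are assumed values."""
    recent = defaultdict(deque)  # source -> timestamps of failures inside the window
    flagged = set()              # sources that have already crossed the threshold
    alerts = []
    for ts, event_id, logon_type, src, user in parse(text):
        if logon_type not in RDP_LOGON_TYPES:
            continue             # e.g. type 2, a failure at the local console
        if event_id == 4625:
            q = recent[src]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()      # drop failures older than the window
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("guessing", src, user, ts))
        elif event_id == 4624 and src in flagged:
            # A success from a source that was just guessing: treat as compromise.
            alerts.append(("success_after_guessing", src, user, ts))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Type 3 also covers other network logons such as file shares, so on a real host the result should be correlated with connections to port 3389. A lockout threshold set below the detection threshold stops the guessing before the first alert would fire.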