Brute forcing RDP and SSH

[voldemort]

Where to find a good wordlist for brute forcing rdp and ssh ?

 

[174region174]

Where to find a good wordlist for brute forcing rdp and ssh ?

Weakpass

 

[RichOffFraud]

Hello,

First you can try with very simple username and password something like 2-3 very common user-pass pair and try to brute
as many ssh and rdp as possible.

With that method you will find more results with less time involved.

Also try different access methods including vpns, citrix, and so on.

Eventually you will find what works best for you but initially try to avoid big lists of usernames and passwords when brute forcing
if you don't have significant resources in your VPS.

Overall keep your method of access simple and focusing on the number of the servers you are trying to breach.

Adding to the brute forcing with logins you can try and scan for known vulnerabilities as servers are often not get patched[.]

You can find many resources for working with here in the forum.

 

[n1k7]

После того, как вы получите хороший список слов, я предлагаю автоматизировать весь процесс и разместить его на RDP/VPS-сервере.

Пусть он находит драгоценные камни, пока вы работаете над другими проектами

 

[Vienna]

Where to find a good wordlist for brute forcing rdp and ssh ?

pretty late reply, but better late then never.
most common users: https://github.com/danielmiessler/SecLists/blob/master/Usernames/top-usernames-shortlist.txt
most common pw: https://github.com/danielmiessler/SecLists/blob/master/Passwords/common_corporate_passwords.lst

 

[Poloz]

Where to find a good wordlist for brute forcing rdp and ssh ?

https://xss.pro/threads/137602/