
Manual/Book RDP attack

Please note that this user is banned
Prokhorenco shows easy hacks really well, respect!
 
And since when did Hydra start brute-forcing new versions of RDP? Before writing the article, did you even check whether it works or not?
Correct, even Hydra's documentation states that it's no good right now at bruting RDP. However, if you read more of my comments, I suggest tools that have been proven to work... such as... NLBrute. This is merely a simple guide to get noobs started out on the right foot; also, there are many more protocols to brute other than RDP where this guide will work.

[WARNING] rdp servers often don't like many connections, use -t 1 or -t 4 to reduce the number of parallel connections and -W 1 or -W 3 to wait between connection to allow the server to recover
[INFO] Reduced number of tasks to 4 (rdp does not like many parallel connections)
[WARNING] the rdp module is experimental. Please test, report - and if possible, fix.
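
For defenders, the Hydra warnings quoted above mean RDP password guessing tends to arrive paced (a few connections, with waits), so per-second burst thresholds miss it. The following is an added example, not part of the thread: a sliding-window count of failed logons (Windows Security event 4625) per source address. The CSV layout, the thresholds and the sample rows are constructed assumptions.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export: time,event_id,logon_type,source_ip,user (assumed layout).
# 4625 = failed logon, 4624 = success; RDP logons appear as type 3 (NLA) or 10.
SAMPLE = """\
2024-05-01T10:00:00,4625,10,203.0.113.7,administrator
2024-05-01T10:01:00,4625,3,198.51.100.9,alice
2024-05-01T10:02:00,4625,10,192.0.2.50,dave
2024-05-01T10:03:00,4625,10,192.0.2.50,dave
2024-05-01T10:04:00,4624,10,192.0.2.50,dave
2024-05-01T10:04:30,4625,10,203.0.113.7,administrator
2024-05-01T10:09:00,4625,10,203.0.113.7,administrator
2024-05-01T10:11:00,4625,3,198.51.100.9,bob
2024-05-01T10:13:30,4625,10,203.0.113.7,administrator
2024-05-01T10:18:00,4625,10,203.0.113.7,administrator
2024-05-01T10:21:00,4625,3,198.51.100.9,carol
2024-05-01T10:22:30,4624,10,203.0.113.7,administrator
"""

WINDOW = timedelta(minutes=30)  # assumed: long enough to catch paced attempts
MAX_FAILURES = 5                # assumed: failures per source inside the window
MAX_USERS = 3                   # assumed: distinct accounts tried by one source

def detect(log_text, window=WINDOW, max_failures=MAX_FAILURES, max_users=MAX_USERS):
    """Return {source_ip: verdict} for sources that look like password guessing."""
    recent = defaultdict(deque)  # source_ip -> (time, user) failures still in window
    alerts = {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5 or row[2] not in ("3", "10"):
            continue  # malformed row or not a network/RemoteInteractive logon
        ts, event_id, _, ip, user = row
        when = datetime.fromisoformat(ts)
        failures = recent[ip]
        while failures and when - failures[0][0] > window:
            failures.popleft()  # drop failures older than the window
        if event_id == "4625":
            failures.append((when, user.lower()))
            if alerts.get(ip) == "success-after-failures":
                continue  # never downgrade the highest-priority verdict
            if len({u for _, u in failures}) >= max_users:
                alerts[ip] = "spray"     # one source, many accounts
            elif len(failures) >= max_failures:
                alerts[ip] = "guessing"  # one source, repeated failures
        elif event_id == "4624" and len(failures) >= max_failures:
            alerts[ip] = "success-after-failures"  # likely compromised account
    return alerts
```

With the window shortened to one minute the same rows raise nothing, which is the gap a burst-only rule leaves for paced attempts.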
 
Correct, even Hydra's documentation states that it's no good right now at bruting RDP. However, if you read more of my comments, I suggest tools that have been proven to work... such as... NLBrute. This is merely a simple guide to get noobs started out on the right foot; also, there are many more protocols to brute other than RDP where this guide will work.
NLBrute is just as outdated, so why post yet again the same thing that already sank into oblivion back in 2020? There are more than enough manuals on this topic.
 
Should one use a VPN to connect to the VPS, or connect directly from one's own internet and clear connection logs on the way out?
I know it's bad opsec but you are not gonna get federal prison for connecting directly, I'm lazy so I just log in directly
Clearing logs will just start suspicion and could lead to a change in creds
 
I know it's bad opsec but you are not gonna get federal prison for connecting directly, I'm lazy so I just log in directly
Clearing logs will just start suspicion and could lead to a change in creds
Well fortunately I live far far far away from the federal prison laws, I was just curious to know what is better for OpSec or for covering your tracks, but you are right, clearing logs would create suspicion, I will keep that in mind.

Also can you share any thread on here that contains creds for hacked VPS if possible.
 
molotov.
How you plan to earn from this?
There are not many ways.

Many ppl get into networks but for what? What motivates them if you don't get money from it.
Maybe we could do some blackhat CPA, G00gle ads (clickjacking) or such?
Well, as far as I had thought, I was thinking about finding access to corps with big revenue and selling that access. I know it doesn't sound too lucrative and it would be time consuming and luck would be involved too, but that is what I had thought about

I don't have any experience with ads or clickjacking and such so I don't know much about that, I'm mostly involved in network and AD pentesting and I like breaking into networks and computers.
 
What about schoolkids'/girls' computers?
They often play games and download everything indiscriminately.
Game accounts with various items and so on
It all depends on the provider; some providers keep their customers behind NAT, so you won't be able to find an open port 3389
 
I know it's bad opsec but you are not gonna get federal prison for connecting directly, I'm lazy so I just log in directly
Clearing logs will just start suspicion and could lead to a change in creds
ooh, yikes, bro! I've absolutely nothing against you, personally, but this is monumentally bad advice/example to set
 
Are there any tutorials available on how to use these VPS servers to bruteforce RDPs? I mean, found the cPanel login page, logged in successfully, now what is next? I don't see a command line or any option, so I'm guessing I have to generate an SSH key and use that on my attacking machine and use proxychains to launch the attack?
 
Are there any tutorials on using these VPS servers? I mean, I found the cPanel login page, logged in successfully, what next? I don't see a command line or any such option to use? Any help with this will be greatly appreciated.
Off-topic question; the thread is about RDP, and you are asking about cPanel
 
Got it, thanks mates for suggestions and links with postexp tools.
I've tried to use Havoc and was not so lucky with that framework (while creating a new payload I'm getting the error message with the x64 compiler, even on all my environments: x64, ARM M1). So will check other ones.

Btw, to find IP ranges with that ip2location service (which the topic starter had mentioned) I've created a brief step-by-step manual, hopefully it will be useful to somebody:
1. Go and login/signup to http://lite.ip2location.com/ip-address-ranges-by-country and select desired country
2. Download IP2LOCATION-LITE-DB1.CSV.ZIP file (and yeah, it includes all countries)
3. Let's visit the github
git clone https://github.com/ip2location-python-csv-converter
4. move to downloaded local directory
5. install one python dependent module (ippaddress I believe)
6. execute python ip2location-csv-converter.py -cidr -append IP2LOCATION-LITE-DB1.CSV IP2LOCATION-CIDR.CSV
7. Now let's create the only list with your to-audit country using awk
cat IP2LOCATION-CIDR.CSV | grep India | awk -F ',' '{print $3}' | tr -d '"' > ip_range_India.txt

I know this is pretty obvious, so don't blame too much, I've spent at least more than 40 min to get it, and starting to use it.

peace to everyone
3. git clone https://github.com/ip2location/ip2location-python-csv-converter.git
 

