Nmap Development mailing list archives

[Call for Testers] Ncrack RDP module


From: ithilgore <ithilgore.ryu.l () gmail com>
Date: Tue, 17 Aug 2010 05:12:02 +0200

Hello nmap-dev,

As you already know, I was lately working on an Ncrack module meant to crack
Microsoft's Remote Desktop Protocol. This was a lot of work given the
complexity of it, but finally it is here! You can grab a copy of it along
with the latest version of Ncrack from the SVN repository:

$ svn co --username guest --password "" svn://svn.insecure.org/ncrack

Note that because of the large number of packets involved, even for the
connection/authentication phase, this module is very slow. I have some
ideas to make it faster in the near future but this will probably take a while.

As I mention in the man page, care must be taken against RDP servers in
Windows XP versions, since they can't handle multiple connections at the
same time. It is advised to use a very slow timing template or, even better,
limit the maximum parallel connections using timing options such as CL
(Connection Limit) or cd (connection delay) against Windows XP (and
relevant) RDP servers. Windows Vista and above don't suffer from the same
limitation. An example (against Windows XP) would be:

$ ncrack 192.168.1.2:3389,CL=1,cd=5s

The above command will limit Ncrack to 1 concurrent connection and a delay
of 5 seconds between each connection probe.

I have tested the module successfully against Windows XP, Vista, 7, Server
2008.

Let me know if you find any problems. I would appreciate any feedback on it.

Cheers,
ithilgore


-- 
http://sock-raw.org
http://twitter.com/ithilgore
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

