Nmap Development mailing list archives

Re: Request for Ncrack/NSE


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 30 Mar 2010 21:02:59 +0000

On Tue, 30 Mar 2010 15:58:02 -0500
Ron <ron () skullsecurity net> wrote:

> Apparently, nobody has a good program to crack passwords for rdp yet
> (port 3389) -- there are patches for the "rdesktop" program, and a
> Windows tool called tsgrinder, but both are slow/unreliable.
>
> Anybody feel like researching the protocol and writing a tool?



Having been on the receiving side of some serious mass RDP pwnage, I
know good tools exist in the underground.  I have wanted to audit our
machines for weak passwords via RDP but haven't been able to.  I did
some research about a year back and it was my understanding that there
was no protocol code that tells you if you log in successfully.  Unless
somebody has figured something out recently I think you must validate
successful login via image analysis.  That is, does it *look* like you
logged in.

I know on at least one of our boxes we found an RDP scanning tool.  If I
can think of where I put that binary I'll send it along.

Brandon
