Re: ncrack RDP module and login dialogs/banners

[Fotis Hantzis <ithilgore.ryu.l () gmail com>]

On Mon, Jan 30, 2012 at 4:50 PM, Dewhirst, Rob <robdewhirst () gmail com> wrote:
> Occasionally I would run into a host that would display this sort of
> progress trying to connect to a RDP server:
>
> rdp://10.10.10.10:3389 (EID 1) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 2) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 3) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 4) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 5) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 6) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
> rdp://10.10.10.10:3389 (EID 7) Attempts: total 0 completed 0 supported
> 0 --- rate 0.00
>
> It looks like this is what happens when the RDP server displays a
> welcome message/banner dialog box prior to a login dialog. Tsgrinder
> seems to be aware of the issue and says it is not affected.
>
> Any workaround for this that I missed?


Hello, this is indeed a lack of the RDP module's capacity to
understand that there is a login banner.
As of now, there is no known workaround, until it gets fixed.
Regards,
ithilgore
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/