14-RDP (3389)

Remote Desktop Protocol RDP (Port: 3389)

MSF module for scanning if RDP is available on a certain port

• auxiliary/scanner/rdp/rdp_scanner
  This module check if a certain port running RDP by sending a user & pass and also tries to guess the system OS info.

MSF module to enable RDP:

post/windows/manage/enable_rdp

This module enables the Remote Desktop Service (RDP). It provides the options to create
an account and configure it to be a member of the Local Administrators and
Remote Desktop Users group. It can also forward the target's port 3389/tcp.

! 800

And we can confirm it's open:

! 700

1. Now set USERNAME and PASSWORD in the module options to create them and enable RDP with them:
2. then connect with them using #xfreerdp tool.

! 1000

This is proof:

Brute force RDP:

1. use Hydra to bruteforce rdp service
2. use #xfreerdp to login to rdp
3. command : xfreerdp /u:<user> /p:<pass> /v:<ip address>:<port if not default>

Exploits & Vulnerabilities:

CVE-2019-0708 (BlueKeep) RDP