M4RCG04M
  • 👨‍💻Welcome to my GitBook
  • WRITEUPS
    • HackTheBox
      • Windows
        • Remote
      • Linux
        • Jarvis
        • Tabby
    • Proving Grounds Play
      • BBScute
      • FunBoxEasyEnum
      • Monitoring
      • Loly
      • Pelican
      • Payday
      • Snookums
  • OSCP Preparation List
    • Hack The Box
    • Proving Grounds
  • NOTES
    • UTILS
      • Useful Files
      • Payloads
      • Lateral Movement
    • ENUMERATION
      • Port 79 (finger)
      • Port 80 (HTTP)
      • Port 111 (RPCBIND)
      • PORT 161/udp (SNMP)
      • PORT 389,636,3268,3269 (LDAP)
      • Port 6697 (IRCD)
      • Database Analysis
      • Grafana
    • FILE TRANSFERS
    • ACTIVE DIRECTORY
      • Known Vulnerabilities
      • Without Credentials
        • Classic Attacks
      • With Username
      • Valid Credentials
      • Lateral Move
      • ACLs/ACEs permissions
      • Active Directory Certificate Services (AD CS)
      • Administrator account
      • Domain Admin
    • EXPLOTATION
      • Port 53 (DNS)
      • Port 80 (HTTP)
        • CMS
        • SQL INJECTION
        • XXE
        • File Upload
        • Cross Site Scripting (XSS)
      • Port 3389 (RDP)
      • Password Attacks
        • Hash Cracking
    • PRIVILEGE ESCALATION
      • Windows
        • Enumeration
        • Windows User Privileges
        • Windows Group Privileges
        • Weak Permissions
        • Windows Vulnerabilities
        • Credential Hunting
        • Tools
      • Linux
        • Enumeration
Powered by GitBook
On this page
  1. NOTES
  2. EXPLOTATION

Port 3389 (RDP)

Connection

xfreerdp /v:<RHOST> /u:<USERNAME> /p:<PASSWORD> /cert-ignore
xfreerdp /v:<RHOST> /u:<USERNAME> /p:<PASSWORD> /d:<DOMAIN> /cert-ignore
xfreerdp /v:<RHOST> /u:<USERNAME> /p:<PASSWORD> /dynamic-resolution +clipboard
xfreerdp /v:<RHOST> /u:<USERNAME> /d:<DOMAIN> /pth:'<HASH>' /dynamic-resolution +clipboard
xfreerdp /v:<RHOST> /dynamic-resolution +clipboard /tls-seclevel:0 -sec-nla
rdesktop <RHOST>

PreviousCross Site Scripting (XSS)NextPassword Attacks

Last updated 4 months ago