Remote Desktop / RDP credentials check from command line (no GUI)

Problem description

We're currently writing a tool aimed at checking the validity of credentials over various applications (http, ssh, smb, rdp). No problem for the 3 former. But for RDP, I couldn't find a single way of doing this easily.

The tool is embedded within a web app hosted on a Linux box, therefore there is no X Server available.

The only tool I have successfully used to validate RDP credentials from the command line is THC-Hydra, by supplying a single username and password. It works correctly for older versions of RDP servers, or for those where the Network Level Authentication has been lowered.

However, THC-Hydra seems to hang when checking RDP credentials for newest versions of Windows, or where Network Level Authentication has been hardened.

Medusa with a patched version of the rdesktop client fails as well. (some servers require CredSSP, SSL, ...)

There's also nmap's ncrack, but for some reason I only get "READ" timeouts.

I got Ncrack to work, however it fails - at least on Windows 2008 R2 (doesn't find credentials even when providing the correct ones).

Any clues to help me?

Cheers

Recommended answer

Actually I found a reliable way to do that. It's always when you stop looking for something that you find it :)

Using the super awesome remote desktop client FreeRDP and the "+auth-only" switch. The exit status is 0 when authentication succeeds, 1 otherwise. There are also error messages that you can grep for.

Failed authentication:

jrm@deb-jrm:~$ static/xfreerdp /v:10.0.0.1 /cert-ignore /u:MyUser /d:MyDomain /p:WRONGPASS +auth-only
Authentication only. Don't connect to X.
credssp_recv() error: -1
freerdp_set_last_error 0x20009
Authentication failure, check credentials.
If credentials are valid, the NTLMSSP implementation may be to blame.
Error: protocol security negotiation or connection failure
Authentication only, exit status 1
Authentication only, exit status 1

Valid authentication:

jrm@deb-jrm:~$ static/xfreerdp /v:10.0.0.1 /cert-ignore /u:MyUser /d:MyDomain /p:GOODPASS +auth-only
Authentication only. Don't connect to X.
Authentication only, exit status 0
Authentication only, exit status 0
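
One way to wrap the auth-only check described in the answer for use from a headless tool. This is an added example, not code from the original post. The function names, the verdict strings and the 30-second timeout are assumptions; `/d:` is FreeRDP's domain option.

```python
import subprocess

# Constructed sample, abridged from the failure output shown in the answer.
SAMPLE_FAILURE = """Authentication only. Don't connect to X.
credssp_recv() error: -1
Authentication failure, check credentials.
Authentication only, exit status 1
"""

VALID, INVALID, UNKNOWN = "valid", "invalid", "unknown"


def build_command(host, user, domain, password, binary="xfreerdp"):
    """Return an argument list (no shell), following the answer's command line."""
    # Caveats: /p: places the password in argv, where other local users can
    # read it from the process list while the check runs; /cert-ignore skips
    # certificate validation, so the server's identity is not verified.
    return [binary, f"/v:{host}", "/cert-ignore", f"/u:{user}",
            f"/d:{domain}", f"/p:{password}", "+auth-only"]


def classify(returncode, output):
    """Map exit status plus captured output to a verdict.

    Exit 0 means the credentials were accepted. A non-zero status covers
    every other outcome, so report INVALID only when the authentication
    failure message is present and UNKNOWN otherwise.
    """
    if returncode == 0:
        return VALID
    if "Authentication failure" in output:
        return INVALID
    return UNKNOWN


def check_rdp_credentials(host, user, domain, password,
                          binary="xfreerdp", timeout=30):
    """Run one auth-only check; a hang or a missing binary yields UNKNOWN."""
    cmd = build_command(host, user, domain, password, binary)
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True,
                              errors="replace", timeout=timeout,
                              stdin=subprocess.DEVNULL)
    except (subprocess.TimeoutExpired, OSError):
        return UNKNOWN
    return classify(proc.returncode, proc.stdout + proc.stderr)
```

Treating a timeout or an unrecognised failure as UNKNOWN keeps a network or negotiation problem from being recorded as a wrong password.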
