从命令行(没有GUI)进行远程桌面/RDP凭据检查 [英] Remote Desktop / RDP credentials check from command line (no GUI)
问题描述
我们当前正在编写一个工具,旨在检查各种应用程序(http,ssh,smb,rdp)上凭据的有效性.3前者没问题.但是对于RDP,我找不到轻松实现此目标的单一方法.
We're currently writing a tool aimed at checking the validity of credentials over various applications (http, ssh, smb, rdp). No problem for the 3 former. But for RDP, I couldn't find a single way of doing this easily.
该工具嵌入在Linux主机上托管的Web应用程序中,因此没有可用的X Server.
The tool is embedded within a web app hosted on a linux box, therefore there is no X Server available.
我已经成功使用了从命令行验证RDP凭据的唯一工具是THC-Hydra,它提供了一个用户名和密码,对于旧版本的RDP服务器或那些具有网络级别身份验证功能的服务器而言,它都可以正常使用.被降低了.
The only tool I have successfully used to validate RDP credentials from the command line is THC-Hydra, by supplying a single username and password, it works correctly for older versions of RDP servers, of for those where the Network Level Authentication has been lowered.
但是,当检查RDP凭据以获取最新版本的Windows或已加强网络级别身份验证的位置时,THC-Hydra似乎挂起了.
However, THC-Hydra seems to hang when checking RDP credentials for newest versions of Windows, or where Network Level Authentication has been hardened.
带有rdesktop客户端修补程序版本的美杜莎(Medusa)也会失败.(某些服务器需要CredSSP,SSL等)
Medusa with a patched version of the rdesktop client fails as well. (some servers require CredSSP, SSL, ...)
也有nmap的ncrack,但是由于某种原因,我只能得到读取"超时.
There's also nmap's ncrack, but for some reason I only get "READ" timeouts.
我让Ncrack工作,但是失败了-至少在Windows 2008 R2上(即使提供了正确的凭据,也找不到凭据).
I got Ncrack to work, however it fails - at least on Windows 2008 R2 (doesn't find credentials even when providing the correct ones).
有什么线索可以帮助我吗?
Any clues to help me?
欢呼
推荐答案
实际上,我找到了一种可靠的方法.总是当您停止寻找找到的东西时:)
Actually I found a reliable way to do that. It's always when you stop looking for something that you find it :)
使用超棒的远程桌面客户端FreeRDP和"+ auth-only"开关.身份验证成功时,退出状态为0,否则为1.还有一些错误消息,您可以grep进行处理.
Using the super awesome remote desktop client FreeRDP and the "+auth-only" switch. The exit status is 0 when authentication succeeds, 1 otherwise. There also are the error message that you can grep for.
验证失败:
jrm@deb-jrm:~$ static/xfreerdp /v:10.0.0.1 /cert-ignore /u:MyUser /MyDomain /p:WRONGPASS +auth-only
Authentication only. Don't connect to X.
credssp_recv() error: -1
freerdp_set_last_error 0x20009
Authentication failure, check credentials.
If credentials are valid, the NTLMSSP implementation may be to blame.
Error: protocol security negotiation or connection failure
Authentication only, exit status 1
Authentication only, exit status 1
有效身份验证:
jrm@deb-jrm:~$ static/xfreerdp /v:10.0.0.1 /cert-ignore /u:MyUser /MyDomain /p:GOODPASS +auth-only
Authentication only. Don't connect to X.
Authentication only, exit status 0
Authentication only, exit status 0
这篇关于从命令行(没有GUI)进行远程桌面/RDP凭据检查的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!