xfreed0m / rdpassspray Goto Github PK
View Code? Open in Web Editor NEWPython3 tool to perform password spraying using RDP
License: GNU General Public License v3.0
rdpassspray's Issues
Failed to establish connection, check target RDP availability.
Something is not working ok.
Running on Kali 5:
# python3 RDPassSpray.py -u admin -p admin -t 127.0.0.1 -d domain
[19-08-2019 16:57] - Total number of users to test: 1
[19-08-2019 16:57] - Total number of password to test: 1
[19-08-2019 16:57] - Total number of attempts: 1
[19-08-2019 16:57] - [*] Started running at: 19-08-2019 16:57:55
[19-08-2019 16:57] - [-] Failed to establish connection, check target RDP availability.
[19-08-2019 16:57] - [*] Resetting to the original hostname
# xfreerdp /v:127.0.0.1 +auth-only /d:domain /u:admin /p:admin /cert-ignore
[16:57:13:794] [1880:1881] [INFO][com.freerdp.client.common.cmdline] - loading channelEx cliprdr
[16:57:13:794] [1880:1881] [INFO][com.freerdp.client.x11] - Authentication only. Don't connect to X.
[16:57:14:104] [1880:1881] [WARN][com.freerdp.core.nego] - Error: SSL_NOT_ALLOWED_BY_SERVER
[16:57:14:405] [1880:1881] [WARN][com.freerdp.core.nego] - Error: SSL_NOT_ALLOWED_BY_SERVER
[16:57:16:796] [1880:1881] [ERROR][com.freerdp.core] - Authentication only, exit status 0
[16:57:16:796] [1880:1881] [ERROR][com.freerdp.client.x11] - Authentication only, exit status 0
failed to open display: :0
I'm surprised that I'm the first one to post this:
I call with sudo RDPassSpray.py ... or sudo su; ./RDPassSpray.py...
This part
subprocess.call(
"hostnamectl set-hostname '%s'" % hostnames_stripped[
attempts_hostname_counter],
shell=True)leads for me to:
[ERROR][com.freerdp.client.x11] - failed to open display: :0\n[09:05:38:106] [93227:93227] [ERROR][com.freerdp.client.x11] - Please check that the $DISPLAY environment variable is properly set.\n' b''
I can comment it out and it works or change it to sudo hostnamectl... both works.
It's probably b.c. I dont have a list of hostnames to choose from? It looks like it iterates over the chars of my default hostname. e.g. kali -> k, a, l, i
Script breaks if user's password has a <space>
An error occurs when using the script to password spray user accounts that have (spaces) in their passwords. I checked the script but couldn't identify why this happened. I noticed the strip() function is called only for a password_list.txt, not for single password. However the python script breaks with submitting the following:
python RDPassSpray.py -u 'validuser' -p 'Valid pass with a space' -t -d
.
nothing at me
┌──(root㉿k)-[/home/kali/Desktop/RDPassSpray]
└─# python3 RDPassSpray.py -u administrator -p /home/kali/Desktop/least_500 -d PremoHost -t 192.168.16.15
[25-05-2023 02:11] - Total number of users to test: 1
[25-05-2023 02:11] - Total number of password to test: 1
[25-05-2023 02:11] - Total number of attempts: 1
[25-05-2023 02:11] - [*] Started running at: 25-05-2023 02:11:42
[25-05-2023 02:11] - [*] Overall compromised accounts: 0
[25-05-2023 02:11] - [*] Finished running at: 25-05-2023 02:11:45
┌──(root㉿k)-[/home/kali/Desktop/RDPassSpray]
```
┌──(root㉿k)-[/home/kali/Desktop/RDPassSpray]
└─# python3 RDPassSpray.py -u administrator -p /usr/share/wordlists/rockyou.txt -d PremoHost -t 192.168.16.15
[25-05-2023 02:10] - Total number of users to test: 1
[25-05-2023 02:10] - Total number of password to test: 1
[25-05-2023 02:10] - Total number of attempts: 1
[25-05-2023 02:10] - [*] Started running at: 25-05-2023 02:10:39
[25-05-2023 02:10] - [*] Overall compromised accounts: 0
[25-05-2023 02:10] - [*] Finished running at: 25-05-2023 02:10:43
┌──(root㉿k)-[/home/kali/Desktop/RDPassSpray]
└─# cd ..
```
Add check for RDP service is running
I had my Windows 7 with RDP turn off then I ran your script, it still showed this for all dictionary entries
[+] Seems like the creds are valid, but no RDP permissions:
You should add a check for whether RDP port is opened before continue to bruteforce
reduce report file?
Good afternoon.
When I spray, a large report file is formed (I have more than 500k users). Is it possible to write only a successful input to an SCV file?
Doesnt ouput target
Hey mate, real quick when I run the tool in my lab it says "Cred successful (maybe even Admin access!): USER :: PASS " but it doesnt tell me what machines it is. I added a basic
+ '@' + target to each code print statement to make it easier for myself when using it.
I just think its a really good tool and something simple like the above would be a real QoL improvement
Installing xfreerdp
I am having issues installing xfreerdp on my kali vm are there any dependencies for or repos needed for it?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.