hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > System Security > Beginners Section
Master00
May 1 2004, 05:10 PM
Hi , is there a terminal services scanner? i mean a diccionary scanner. Ive seen one here but its like a macro , that manually opens ts and type in username and password from a txt. Is there a fast scanner? thnkx in advance
JohnAcres
May 2 2004, 01:56 AM
yea theres tsgrinder... just google for it ull find it rather quickly
net_runner
May 2 2004, 02:37 AM
thanks for the tip, i will google it
Loxy
May 2 2004, 08:43 AM
Any of you out there ever had the patience for tsgrinder to actually get in? heh
Master00
May 2 2004, 09:04 AM
JohnAcres read my thread tongue.gif , the macro one i was talking about was tsgrinder , a mean a damn fast threads scan. that verifies username and password in ts.
s54
May 2 2004, 10:37 AM
There is none and if you would actually peek a bit into the RDP protocol you would know that a simple and fast scanner isn't possible at all.

And for win2k3 every moron can build one on its own.
x1`
May 2 2004, 01:06 PM
this is for port 3389 right?
hellraiza
May 2 2004, 04:07 PM
get a port scanner and scan through port 3389.
save them in a list.
then use NTScan and set parameters on host list (give him a list with the scanned ips)
then click on the box at SMBscan
connection shares on ipc$
scan host open port 3389
then threads between 300-500

now let him scan
wait...
wait...

in ntscan.txt are the results.

so I had many vulnerable servers

sorry for my english!

hellraiza
Psychotec
May 2 2004, 09:46 PM
well there is a terminal services cracker....

tscapture.exe - terminal services session capture utility

or in other words: Dictionary Based Windows Terminal Services Cracker tongue.gif

Program : tscapture.exe, Aug 05 2002, 36'864 Bytes
Author : gridrun [TNC]
Version : 1.1.0 [bug fix release]
Homepage : Homepage tscapture.exe
Platform : Win32 [tested on 2K]
Requires : msvbvm60.dll [VB runtime]
msrdp.ocx [MS Terminal Services Advanced Client]

Captures of the following OS configurations are specially wanted:
  • Windows NT4 Terminal Server Edition
  • Windows NT4 Terminal Server Edition
  • Windows 2000 Server
  • Windows XP professional
  • Windows XP home
  • Windows .NET server
  • any Citrix (or other) RDP servers


All languages are accepted, asian language captures especially wanted,
NOT needed are captures of the dekstop after logon and similar.

Enjoy wink.gif
Killaloop
May 3 2004, 08:29 AM
QUOTE (hellraiza @ May 2 2004, 04:07 PM)
get a port scanner and scan through port 3389.
save them in a list.
then use NTScan and set parameters on host list (give him a list with the scanned ips)
then click on the box at SMBscan
connection shares on ipc$
scan host open port 3389
then threads between 300-500

now let him scan
wait...
wait...

in ntscan.txt are the results.

so I had many vulnerable servers

sorry for my english!

hellraiza

what ever has IPC todo with terminal service?
and because of the nature of the terminal service only a multithreaded one which scans many ips at one time can do any good. terminal service disconnects you after 3 wrong attempts
extreme83
May 4 2004, 12:09 PM
does anyone know how to enable terminal services that allows remote connections..
there is a checkbox when you go to my computer > properties > remote > "allow users to connect remotely to this computer"

is there a way to change a registry key using DOS to enable this from a shell?

thanks in advance
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.