for all those who have been waiting for a TS bruteforce tool: TScrack 2.1 build 77 introduces bruteforce cracking against RDP servers. Its an interim release, and I didnt have time to update documentation, but I added a small txt file explaining how to use bruteforce mode. Grab it from http://softlabs.spacebitch.com/tscrack if you are interested.
If someone could test this on/against windows 2003? I guess it will work *on* it (since 2k3 is based on 2k) but not *against* it, as the AI is still the old one, and didnt ever see a single capture of a 2003 terminal server. I'd be however very suprised to hear that it works; unfortunately I cant test it here because I do not have a windows 2003 server available atm.
Also notice that there is a bug in the docs, saying TScrack does support 40bit encryption... tsk tsk, silly me, there is no such thing as 40bit encryption with RDP!
As a side note: Has any of your boxen ever been owned by 31337 IRC hax0rs? Have you ever found an unauthorized eggdrop, or a sdbot running on your servers? Check out http://www.spacebitch.com/cerebro.jpg then, and let me know what you think: [EMAIL PROTECTED] (hi spammers, I give a flying fsck bout ur inch-adding products btw).
Cheers --gridrun
---------------------------------------------------------------------------
KaVaDo is the first and only company that provides a complete and an integrated suite of Web application security products, allowing you to:
- assess your entire Web environment with a Scanner,
- automatically set positive security policies for real-time protection, and
- maintain such policies at the Application Firewall without compromising busines performance.
For more information on KaVaDo and to download a FREE white paper on Web applications - security policy automation, please visit: http://www.kavado.com/ad.htm ----------------------------------------------------------------------------
