Security Penetration Test-W2K Terminal Services pwd cracker
Results 1 to 3 of 3

Thread: Security Penetration Test-W2K Terminal Services pwd cracker

  1. #1
    Junior Member
    Join Date
    Sep 2002
    Posts
    2

    Smile Security Penetration Test-W2K Terminal Services pwd cracker

    Hii
    Does anyone know of a password cracker for Win2K
    terminal services? During a pentest I've found port
    3389/tcp open on the client's web server, and can get
    access to a login prompt.

    Like TSGrinder bu I don't think it is
    avaible now for download.
    http://www.hammerofgod.com/download.htm

    Any guidance would be appreciated.


    Regards
    Maya

  2. #2
    Originally posted here by Tek Weasel

    All this information can be found @ http://www.hammerofgod.com/download.htm

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    177
    During a pentest I've found port 3389/tcp open on the client's web server, and can get access to a login prompt.
    If users are connecting to the Terminal Server from outside the LAN, then they need to use the Remote Desktop Protocol. This is port 3389/tcp. If you need users to access this from outside the network then you must leave this open. If you are not using this feature, then this port should be closed.
    If this port must stay open, then you're sacrificing security for accessibility. I'm sure there's a way to set up encryption or something. Look up Securing Termainl Services for Win2k.

    My question is, why do you need a passwrod cracker? Why would you be trying to break into the site. If you did just a little bit of research, you'd realize what this port was. If, you're actually doing real penetration testing, then get with the network admin, and do some research on securing terminal services for win2k.
    What will cracking the password say?
    "Look! Weak passwords!"
    or....
    "Look! I just 'hacked' someone's web site!"

    If this is legit, then sorry for the attitude, but you should really do some more research.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •