3389 Pentesting RDP

Xfreerdp Command

xfreerdp /v:IP /u:USERNAME /p:PASSWORD +clipboard /dynamic-resolution /drive:$(pwd),share

We can try to see the login page of the RDP to do some enumeration, this can be done by disabling Network Level Authentication

This approach bypasses the pre-authentication security layer that NLA normally provides. When NLA is disabled:

The remote server will display the login GUI without requiring upfront authentication

xfreerdp /v:10.10.73.33 -sec-nla

Last updated 4 months ago