Nmap Development mailing list archives
Re: scan for RDP
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Tue, 20 Mar 2012 10:23:56 +1100
Polloxx, I leveraged the IIS banner grabbed by Shodan to correlate RDP to Microsoft Small Business Server based on the inurl:/Remote/logon.aspx?ReturnUrl=/Remote/Default.aspx (with and without quotation marks) search query. The Maltego Graph is available from http://cmlh.id.au/post/19595166120/rdp-sbs if you are interested in this alternate approach? On Tue, Mar 20, 2012 at 2:53 AM, polloxx <polloxx () gmail com> wrote:
I would like to write an NSE script to find all Windows servers running RDP on non-default ports on my network. I know I can find the Version of a service by running the -sV option in nmap. So I want to scan my IP block on all ports and find IP's where there's a service with version "Microsoft Terminal Service". Is there any existing useful for that? Any other advice?
-- Regards, Christian Heinrich http://cmlh.id.au/contact _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- scan for RDP polloxx (Mar 19)
- Re: scan for RDP Daniel Miller (Mar 19)
- Re: scan for RDP Christian Heinrich (Mar 19)