-
[Network] Finding Open Windows Terminal Servers
something you could do when you are bored and you are sitting around in a foreign network …
- $namp 10.0.0.* - get all clients in your network
- $nmap -p 3389 10.10.0.* -oG terminals.txt - get all machines with a open windows terminal, “oG” makes the output ~greppable~
- $cat terminals.txt | grep open - just show lines with open ports …
- $cat terminals.txt | grep open | cut -d ” ” -f 2 > openterminals.txt - … and cut the 2nd field = just IPs with open ports
- $nmap -O 1L openterminals.txt - … get the OS of those
- $nmap -sV -p 3389 10.10.0.180 - take a more detailed view on one of those client IPs
