Nmap rdp-enum-encryption NSE Script
This page contains detailed information about how to use the rdp-enum-encryption NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/rdp-enum-encryption.nse
Script categories: safe, discovery
Target service / protocol: ms-wbt-server
Target network port(s): 3389
List of CVEs: -
Script Description
The rdp-enum-encryption.nse script determines which Security layer and Encryption level is supported by the RDP service. It does so by cycling through all existing protocols and ciphers. When run in debug mode, the script also returns the protocols and ciphers that fail and any errors that were reported.
The script was inspired by MWR's RDP Cipher Checker
Rdp-enum-encryption NSE Script Arguments
The rdp-enum-encryption.nse script does not have any arguments.
Rdp-enum-encryption NSE Script Example Usage
Here's an example of how to use the rdp-enum-encryption.nse script:
nmap -p 3389 --script rdp-enum-encryption <ip>
Rdp-enum-encryption NSE Script Example Output
Here's a sample output from the rdp-enum-encryption.nse script:
PORT STATE SERVICE
3389/tcp open ms-wbt-server
| Security layer
| CredSSP (NLA): SUCCESS
| CredSSP with Early User Auth: SUCCESS
| Native RDP: SUCCESS
| RDSTLS: SUCCESS
| SSL: SUCCESS
| RDP Encryption level: High
| 40-bit RC4: SUCCESS
| 56-bit RC4: SUCCESS
| 128-bit RC4: SUCCESS
| FIPS 140-1: SUCCESS
|_ RDP Protocol Version: RDP 5.x, 6.x, 7.x, or 8.x server
Rdp-enum-encryption NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/rdp-enum-encryption.html
- https://github.com/nmap/nmap/tree/master/scripts/rdp-enum-encryption.nse
- http://labs.mwrinfosecurity.com/tools/2009/01/12/rdp-cipher-checker/
See Also
Related NSE scripts to the rdp-enum-encryption.nse script:
Visit Nmap NSE Library for more scripts.
The rdp-enum-encryption.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Failed to connect to server
Here is a relevant code snippet related to the "Failed to connect to server" error message:
70: -- Prevent reconnecting too quickly, improves reliability
71: stdnse.sleep(0.2)
72:
73: local comm = rdp.Comm:new(host, port)
74: if ( not(comm:connect()) ) then
75: return false, fail("Failed to connect to server")
76: end
77: local cr = rdp.Request.ConnectionRequest:new(v)
78: local status, response = comm:exch(cr)
79:
80: if status then
%s: FAILED (%s)
Here is a relevant code snippet related to the "%s: FAILED (%s)" error message:
84: if ( success == 2 ) then
85: table.insert(res_proto, ("%s: SUCCESS"):format(k))
86: elseif ( nmap.debugging() > 0 ) then
87: local err = string.unpack("B", response.itut.data, 5)
88: if ( err > 0 ) then
89: table.insert(res_proto, ("%s: FAILED (%s)"):format(k, ERRORS[err] or "Unknown"))
90: else
91: table.insert(res_proto, ("%s: FAILED"):format(k))
92: end
93: end
94: else
%s: FAILED
Here is a relevant code snippet related to the "%s: FAILED" error message:
86: elseif ( nmap.debugging() > 0 ) then
87: local err = string.unpack("B", response.itut.data, 5)
88: if ( err > 0 ) then
89: table.insert(res_proto, ("%s: FAILED (%s)"):format(k, ERRORS[err] or "Unknown"))
90: else
91: table.insert(res_proto, ("%s: FAILED"):format(k))
92: end
93: end
94: else
95: -- rdpNegData, which contains the negotiation response or failure,
96: -- is optional. WinXP SP3 does not return this section which means
Failed to connect to server
Here is a relevant code snippet related to the "Failed to connect to server" error message:
159: -- Prevent reconnecting too quickly, improves reliability
160: stdnse.sleep(0.2)
161:
162: local comm = rdp.Comm:new(host, port)
163: if ( not(comm:connect()) ) then
164: return false, fail("Failed to connect to server")
165: end
166:
167: local cr = rdp.Request.ConnectionRequest:new()
168: local status, _ = comm:exch(cr)
169: if ( not(status) ) then
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
