Big Jump In Remote Desktop Attacks?! Watch How Hackers Do It And Protect Your Computers Now!

What other trends of cyber attacks have been reported lately?

Just to save your time: in this video, you can see how to brute-force a Windows RDP service using a script called crowbar and how to setup up security measures in Windows.

Just for people who are stuck finding the local security policy. THIS IS NOT AVAILABLE ON WINDOWS HOME (only pro, enterprise and a couple more)

Dear Loi, I really admire your work & you the way you present , makes it much more interesting. :)
I want to ask a very basic question here related to Hardware, what would be the minimum configuration needed to run these kind of Brute force attack.
I am testing Crowbar & using my own custom made word list in my Lab Environment.

On the other hand by limiting the attempts of access to a certain number leads to denial access exploits if I am not mistaken.

I really like your videos and everyday wait for your video.

Amazing. Thank you for your great content! Seeing a lot of RDP pops in my SOC. From blue perspective, seeing this video is like being blind then suddenly being able to see. A lot of the time it's just like "Yeah, there is malicious activity, but who TF knows where it came from." Amazing to be able to see from the other side.
For the RDP session, any activity would be visible from the employee/victim's perspective, right? It wouldn't create a hidden session? So the attacker would have to log on at a time when the employee was not likely to be on the desktop?

So does it mean the remote connection has to be enabled before this can be successful?

I think you should explain how to scan systems for services like RDP in an ip range. Your video skips over important parts of obtaining the needed info to launch attacks against vulnerable systems. Brute force attacks do not work on systems that do not use dictionary words as passwords. Obviously 3rd party lists of commonly used or stolen passwords work in some cases but no competent admin is using dictionary words or commonly used passwords to secure their devices on a network.

Hi ... this was based on windows PC ... can you do a video or provide more information on Linux ... specifically POP's OS

Thanks for showing this security policy, I wasn't aware of it!

I am new here, I am getting passion for Cyber Security, and also becoming and ethical hacker. Am enjoy your videos. Do you have like a coaching session or class?

Do you need to change any setting to execute this on a computer outside your local network ?

OMG, i i finished the video and just found the solution i think, my windows is in Active Directory Domain join and i configured the exactly policy he just did through Group Policy Managent tool in AD Windows Server 2019, btw this is what i use fro my homelab. i guess i will give different dns or i will change the policy to 0 attempt, thanks lot buddy!

Example is with NLA disabled but crowbar says it supports NLA. If you're curious.

Does it require that the target windows computer has to be on the same network as the attacker ?

Iappreciate your perfect knoledge your support. TANKS.

You were trying to brute force this within the same network or over internet process?

in azure use security centre and 'just-in-time', and allow connectivity from only company vpn public router ip or company vpn dhcp subnet for given server.

Using those policies will automatically block your Server, as bot-nets are attacking the RDP port constantly. So make an IP Scope in your Firewall will be the solution, instead of using a windows server policy.

Thank you... what level of knowledge is required to complete your ethical hacking course and does it lead to a recognized qualification at all?

Excellent vid and channel, thx for sharing. I would like to pick your brains for a question bugging me for some time: since win 10 was launched I have come across, while trying to disable the remote access in several computers, a warning that the OS I was using did not have that option available any more. Was that a sign of a probable hacking in progress, or is it a fact that you are aware of? It felt odd back then...

what do you think about the RMM tool/platform? are they secured? what do you recommend as RMM?

Awesome video, great information! You have a fantastic channel keep up the great work. Thank you!

great!!!!!!!!!!!!! thank you for ur lessons!!!!!!!!

The edition of the Windows that my laptop is using (home edition), doesn’t have the Remote Desktop, but only has the Remote Assistance in the Advance System Settings, so does it mean that the Windows version make my laptop not eligible for remote desktop connection? And if so, is it still possible for hackers to remotely control and access my laptop?

U come after a long time, good to see u man! most of them try to attack only but I believe in securing and u too also!

the chance of this attack to succeed in real world is 1% or less

Thumbs Up, how can i find a list of ransomware of their extensions of the Users files?

Thank u sir for your video and information. Actually i have a case. My pc had a virus and once it was running qemu which i believe is used to gain access to computer from remote desktop plzz help me sir and tell me what should i do plzz sir im afraid those hackers might get my imp data😭.

Nice explanation! Thanks for sharing.

Can I edit the Local Policy with Windows 10 Home as well?

when i try cd crowbar/ it says no such file or directory anyone can help me fix it

1:36 I f the pc trying to be hacked via rdp is in domain and and you check Allow connections from ........ Network Level Authentication he wonyt be able because he is not a member of the domain . Even if he tries to join he will need an admin account to do so. Most measurements better the changes to bypass you the net bots trying to find holes in the system

This is misleading. The hacker first needs access to your network. Unless you port forward, but that's just stupid. Use VPN instead.

What if the attack pc did not turn on Allow Remote Assistant connections to this computer? Can we still hack in by this method?

I LOVE YOUR ALL VIDEOS, U ARE SO GOOD PERSON 👍 💗 😍😘

I was wondering is there anyway to access the host computer with logging the user off while your login. Using Remote desktop?

great video and love your content!

Beside this I also change the default port and add inbound rules to allows only trusted IP to pass-thru; a little pain if you're a traveler but that's what vpn is for. May be an open 2FA is the next option for sure.

Thanks for another great video Loi. After this video, I noticed that my laptop has been hacked several times before (or more than that) without knowing.
I tried your instruction with my virtual window 10 pro. I successfully access the log on screen, but it shows "to sign in remotely, you need the right to sign through remote desktop services"
Any solutions to solve this problem from my kali machine?

Thank you

i need your help i have been hit with a reverse shell attack how do i stop this

Thanks

🙏 Thanks man..!! For uploading this video...👍

so ... if the password its not like so easy ? also if the target pc has the usernames renamed, like i always do after installing it, algo if the target user its normal user, u cant do much, such as installing a keylogger or a malware, things like that, those things that a not good hacker would do.

Thanks for this video

I just wasted 10 minutes of my life - i thought you were exploiting a known RDP CVE, not a basic brute force.

Is there a good free solution to enable 2FA for RDP access?

hello I'm using windows 11 and some phew days ago thank you for my av alert me they wastry to hack my PC via the RDP printings tool so the av block the intrusion but what I get worried about it was a massive attack with this tutorial do I say or did you recommend me to disable RDP so I didn't use RDP at my PC

Thanks for teaching, very clear.

Does it work if I use VPN between me and remote host??? please answer.. or maybe someone inside the VPN can he does this attack?

hi great video, but local security policy app is not available on windows 10 HOME editions, as well as using secpol.msc or gpedit.msc, im not sure but other youtube videos or forums on how to solve this issue requires you to have to download third party apps or tools? i dont think this is safe or they could be trusted, is there a way to do this on windows 10 home edition without download any tools?

Thanks for explaining these important stuffs. I like it.

Bro put a content how hacker spoof sms

Thank you for this information

Hi, my onenote has two .exe files. And everytime i watch TH-cam video, something similar to what I has written in onenote would appears in youtube etc.. how to cure this?

Rule 1: don't expose RDP (or any other unnecessary service) to the Internet.

how do i scan list of unknown range of ip address which has port 3389 open..any command fr tht

Best info
Many thanks for you

Can you make a video about making a backdoor (maybe undertake would be nice) thanks!

Thank you. 감사합니다.

I guess it is better not to allow remote desktop instead of changing account lockup modification. Am I wrong? And why allow 2 times? Is it something wrong if I lock up after 1st attempt?

i wish i could buy your full ethical hacking course but its 997$...way too expensive..

realy i lked your videos but want ask you one how to tack someone using kali linux

Hi Loi! Thanks for your labor, it's very good to start but not applicable for present day for 99% companies (Account lockout policy enabled almost everywhere).
But anyway, thank you for all! It very useful material because when you know how to HACK target via some special port/protocol/APP or what ever - you will know more about HOW TO PROTECT! Thanks ;)

Hi Loi. I have enabled or allowed remote access to my target machine. In fact, i was able to successfully ping the IP Address but after running the command to start i'm still getting "Trying (the ip address:3389). Any suggestions>

Can RHOSTS be set to a text file containing a list of IP's?

Useful information - thanks.

lovely content, eye opening thanks alot...

Sir the attack which you have shown in video is on local network base attack but if we want to perform attack over the network then what is command for that And if any network administration has change default port of rdp then how to find port of rdp please reply

Please make ADB videos 👍👍👍👍👍

if the user doesnt have a password... what should we use in the parameter -C ?

can you plz make a video on RAT ( Remote Access Trojan ) Virus plz with full installation and steps

Great share, thanks a lot! Is there any list of your preferred tools, such as freerdp, metasploit etc. ? It would be great to install the whole environment alltogether! 😉

U done a Fantastic video for US thanks man

Wow great video

Local security policy isn't available.What to do

My account lockout threshold is grey and cursor down/up is disabled or not working.
What that mean ?

how th do u get metasploit

but you can only use this if you have windows 10 pro otherwise in normal or home editions it does not allow you to do it

is that your ip address in the crowbar command or its the victims ip ??

I tried to do that for practice but I am stuck on this issue "" not enough arguments for the string "" what should I do please help if you can.

Is your computer safe from rdp attach if the "don't allow remote connections to this computer" is checked

I’m not sure how I can follow along and copy every step and it still fails haha

This is what i need

Very informative video sir

how do i block my computer from these things even with a firewall, router, and antivirus? do they even help?

but i learned to install and clone metasploit, now i dont have to install kali to use it, thanks

Hi, thank you for the video. I tried to get the password of a known user through the crowbar command. But while running, crowbar is picking up the first IP address of the subnet instead of the actual IP address of the machine mentioned in the command. Why is this happening and how can I fix it?

What ver of linux are you using

Hello, where we can find this password file list? Which been used for the attack?

.with backend or front end .notice if you tamper with the set it can mess up the setting. I can't find anything like this .
I wish I new the software and where it would fit in...with the hard ware ....example a phone app has to be with your phone or device...to use the phone to call ..
Nice if you could dial the router or gate way from the URL..and it seems like this is only going to work if your connected to the same lan🔥. .
.😈.
.
. .

Nice content man

Sir how can i get your membership?

If I'm not currently logged in. Will myself also be blocked from logging in?

Does anyone have experience with the MINIORANGE 2FA system for Windows? Would that be a good choice?

Thanks a lot bro... 👍

Hi professional, my wireshark shows a foreign ip has been broadcasting data to my local router which has IP 172.xxx.x.x. I recall my router should be 192.168.x.x right? How come it is this 172 address? If you could help, that would be great.

Dumb question but, how do i check my rdp client ip? Please help me