LinuxCommandLibrary

impacket-rdp_check

Verify validity of RDP credentials

TLDR

View documentation for the original command

$ tldr rdp_check.py
copy

SYNOPSIS

impacket-rdp_check [-h] [-debug] [-target-ip IP] <user>[:<password>]@<target>

PARAMETERS

-h, --help
    show this help message and exit

-debug
    Turn DEBUG output ON for verbose logging

-target-ip ipaddress
    IP Address of the target machine (overrides name resolution)

DESCRIPTION

impacket-rdp_check is a Python-based tool from the Impacket suite used to probe Windows hosts for Remote Desktop Protocol (RDP) availability and validate credentials non-interactively. It connects to TCP port 3389, initiates an RDP negotiation, and tests authentication using supplied username, password, or NTLM hashes.

This utility is invaluable in penetration testing for enumerating valid RDP logons across networks, enabling attackers to identify lateral movement vectors without spawning full desktop sessions. Success indicates the target allows RDP access with the credentials, potentially exposing the host to tools like impacket-rdp or native RDP clients.

The tool outputs clear status like 'RDP [+] credentials valid' or failure reasons, with debug mode providing verbose protocol details. It handles name resolution via -target-ip and supports domain-qualified logons. Note it does not execute commands, focusing solely on connectivity and auth checks.

Developed for security research, it requires Python and Impacket libraries, running efficiently on Linux for remote Windows assessment.

CAVEATS

Requires RDP service running on target (port 3389/TCP open); failed auth may trigger security logs; no support for certificate pinning or NLA bypass; Python 3+ and Impacket required.

USAGE EXAMPLE

impacket-rdp_check administrator:Password123@192.168.1.100
Tests RDP creds on target IP.

impacket-rdp_check -debug DOMAIN\\user:pass@target.fqdn -target-ip 10.0.0.5
Debug mode with explicit IP.

OUTPUT SAMPLE

RDP Session Setup:
(+) Target: 192.168.1.100
(+) Credentials: valid for RDP access

HISTORY

Part of Impacket toolkit, originally developed by SecureAuth Corporation around 2012-2015 for protocol implementation; actively maintained by Fortra (formerly Core Security) with RDP checks added for Windows exploitation research.

SEE ALSO

impacket-psexec(1), impacket-smbexec(1), nmap(1)

Copied to clipboard