rdp-connections-without-password-allowed: Remote Desktop Connections Allowed Without Password

日期: 2025-08-01 | 影响软件: Remote Desktop | POC: 已公开

漏洞描述

Checks if Remote Desktop Protocol connections are allowed without requiring a password.

PoC代码[已公开]

id: rdp-connections-without-password-allowed

info:
  name: Remote Desktop Connections Allowed Without Password
  author: princechaddha
  severity: high
  description: Checks if Remote Desktop Protocol connections are allowed without requiring a password.
  impact: |
    Allowing RDP connections without a password increases the risk of unauthorized access to the system.
  remediation: |
    Require passwords for all RDP connections to secure access.
  tags: windows,rdp,code,windows-audit

self-contained: true

code:
  - pre-condition: |
      IsWindows();
    engine:
      - powershell
      - powershell.exe
    args:
      - -ExecutionPolicy
      - Bypass
    pattern: "*.ps1"
    source: |
      if ((Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name 'fPromptForPassword' -ErrorAction SilentlyContinue).fPromptForPassword -eq 0) { "RDP connections allowed without password." }

    matchers:
      - type: word
        words:
          - "RDP connections allowed without password."
# digest: 490a00463044022033b1611d57694572f195da6b3838e3d61149682dedc4fb7e6f6b42ce14f87fca02205617c1da4157b99364b002c292a5a1a281e07831bb39e8019b9dff678e7cdb3d:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./code/windows/audit/rdp-connections-without-password-allowed.yaml

相关漏洞推荐