Мамкины Хакеры брутфорсят RDP

теория:

Брутфорс атака на протокол удаленного рабочего стола (RDP) – один из наиболее распространенных методов хакеров для несанкционированного доступа к системе. Этот вид атаки основан на переборе паролей, путем автоматизированной попытки ввода различных комбинаций паролей до тех пор, пока не будет найден подходящий. Для защиты от брутфорса RDP, рекомендуется использовать сложные и уникальные пароли, активировать двухфакторную аутентификацию, ограничить доступ к RDP по IP адресам, а также использовать межсетевые экраны и средства мониторинга активности пользователей.

практика:

собираю ipишники тех кто ломится по RDP на мои сервера

свежий файлик с айпишниками 👉 GitHub

логины по которым брутфорсят: ↓

#l@$ak#.lk $5404 - 0000 0003r 001 002 003 004 006 00780com 008 009 01 010 012 016 018 01dB 021 0212 04tech1 05 1 1001 1002 1004 101 1014 1018 1019 1020 107 109user 110 111111 112 12 123 123... 1234 14 1433c 15 16 18 1C 1CADMIN 1C_SQL 2 20 2000 2004 200900113 201 2020 206liyajun 21 226 29 2z6pqi3 3 301 3100 34 360 6 601 602 666 6789 720166 776611 888 88888 9 924boa2064e8 9977008com 999 @dmin ACCOUNTS ADM ADM1 ADM2 ADMIN ADMIN-1C ADMIN01 ADMIN02 ADMIN1 ADMIN1C ADMIN2 ADMINISTRADOR ADMINISTRATOR ADMS ADS-ToolingTrader ADV AE AHMD AJTower ANNA AOSHIMA AQ AR ARSLANHR ASP.IIS ASP.IISS ASPNET ASTRAL AT AW AWP AY Aakash Abdul Abdullah Account Accueil Adlavaranuser Admin Administrador Administrator Administrator1 Agra Ahmed Alena Alex Alphanetworks Anonymous Archis Areebah ArjanBom Asad Ata.HR Audit Auditor Autocount Awais Ayyat AДМИНИСТРАТОР BACKUP BENUTZER BLB BLC BLM BLN BLV BLX BOSS BPRNTB03801 BTOWEBNET BUGHALTER BUH BUH1 Balanca BandoMCMS BandoMcMs Ben BichTram Bnverit Boardroom Bodega Breukel C@rs@BMG CDDI CEGIDADMIN CEGIDSQL CEX CHN3 CLIENT CLIENTE CMMI CRTLIVE CWSKHI Caiwu Canon Cegidservices Claudia Client01 Convidado DBadmin DEMO DEPOuser DIRECTOR DSG Daniele David Deception123 Demo Dev Devuser Dispatch Dispatch-pune Drastichova ERP ETBuser EUHC EauPlpE Emelinda Esing Etb FERRAZ FLOCKE112 FTO FUTURA Fire GAGAN GGARCIA GLAVBUH GMC GO5811SQL Guard HVC HWA HWBW HY68608948 Hassan Hikvision Honda-3 Huawei12#$ IIS IIS_SITE IIS_USR IIS_user IISuser_ACCOUNTXX INFO INTERNET IRINA IRM_CWSERVERY IT IUSR_ADMIN IUSR_SERVER IUSR_admin IdeMz Info Invitado Invitq Isabelle JDR JOHN Joy KINO KTT Kevin KhaiBL Khaldoun Komila Kucera LANKT LOCAL LUCKYVWGOLF Lab Leon LiYuguo LocalServer LogMeInRemoteuser MALI MANAGER MANAGER1 MANAGER2 MANOJ MASTER MIS MSSQL$WXY MULTI Magazin Mahmoud Manoj Maria Marta Mian MoonShine NATASHA NAVEEN Nafir Newuser Nhatchatter OFFICE OITOBRASIL OLEG ORACLE P@ssw0rd@ P@ssword123! PERLA POP6 POS POSTE6 PTE PTE3 PTE4 Pervaiz Planning Pos Production Public Q QBPOSDBSrvuser QuantumBackup Quantumbackup RASCOM RAS_00108 RAS_Admin RAS_admin RASadmin RDP RECEPCION RECEPTION REMOTE REMOTO RMNET ROOT RRHH Rajshree Rebuilding Recepcao Record Remote Remoteadmin Rule SAAZDEPUSR SBC SEO SERGEY SERGIO SERVER SERVICE SH1 SHICHANGBU SKLAD SOFTCAMP SONGBINH SQL SQL2008Serveruser SQLAgent SREE SUGEY SUPPORT SUPPORT_388945a0 SYSMAIN SYSTEM Safouh ScheduledTask Server Shakir Share Shdmt Shop Siac Sibu3 Soft Sonia Student Supervisor Surya Sysadmin TAY TEMP TEST TESTER THIAGO TOMMY TRON TVNG Tanveer Test Testuser Thanh ThanhSon Tin@123 TrackitWeb U02 U03 U04 U07 U08 U10 UF_OLAP_user USER USER01 USER02 USER1 USER2 USER3 USER4 USR USR01 USR02 USR1 USR2 USUARI USUARIO UTENTE Uiuy_lu20ie6El Unvcwt User001 User13 User3 User4 Usuario Utente VA_001 VA_002 VA_01 VA_Admin VA_admin VA_test VA_user02 VBAuser VDS VIJAYAN VNIAdmin_DoNotDelete VPN VPNuser VUPRO VUSR_XZ-52FA147D1 Vendas Vpn W03 WEB03 WEBMYNE WJG Web3 XLSoftDBA YCTH YOUP YYY __sunlogin_user__ a.bittner@wunsch.com a004 aa aa0706 aaa aaalfundsuat aabb abc abc123 abuser acc acc-08 acc3 accounting accounts accounts-pune accueil acs-12 adamlamance@hotma... adil admin admin$ admin01 admin2 admin2020 adminBD adminab administrador administrater administrator administrator1 admins adminvdc adminxy adnan adriana adxlyz agri ahmed alice almoxarifado alpa am3-eu amd andre andrew ankit_pos anne annetftp anpnnet apple aptus apuser4 apuser6 apuser7 arcgis aregua04 asdasd123123 ashraf askue asp.net assembly assistant atelier atsuko audit ayaz ayesha ayub azx backdoor backup backupexec baison balaji balanca balena bandomcms bar bbb666 bcz besadmin billlau bkadmin bkuser bloans boardroom boss bramil bsd burak bushen c2eeqreg caicai caiwu callcenter camp cangku cartads cashier casting cegidadmin cegidservices celia celia.franco cenci8610 ceshi ceshi.chinajns.com cfoc99 chayane chen chengguan chengjian03 chengjian04 chenlei chi chong chongqing chris ci668 cindyf cis_reportviewer clarissa client client2 cliente clinica clouder club cobian comercial compras conference conferenceroom conferencia consulta convidado cpu cristina crst cs csanchez csanmart cskacc csl cw cwb d.aldana dac daniela.silva darryl@las-parts.com dazhong db2Admin db2admin deepakd default dell delta demo demo4 deposito depouser design dev dfgkqj dfq2 dh3.chinajns.com diancai2 dipan download drivera drop dsg dungttn dvai dy1 eastop eauser ebadu ecopy edi edp egadmin ehab eif1017 ek110_www emera emmurop@yahoo.gr enadmin enterprisedb envl eric erpuser esk exam exchange export facturacion farmacia faturamento feizal fenbus fidelyf finance financeiro fis flexproof flextime fnho francisca frontdesk ftcadmin ftp ftp1 ftp_data ftp_user ftpadmin ftptemp ftpuser ftpuser2 fujixerox fzcmoc gamehouse gast gateway gbartolucci geral ghost gic gis givihach gmc gnngoo.com gp6941 gqm grace gsmith guard guest guest_777777mgm guest_ccc6 guest_www-wycp gxli hahaha haiyang haoyu2 hapt henry hfl hhyc002 his hjy hkvpntemp homeuser hong hr01 hualivpn huashu huawei huger huihui icewarp icloud idemz idrak iis imka impressora info infodba informix input inspector install interlink intern internet invitado ipad it itadmin itaflex iusr_Server j.ramirez jackie jessica jh jia jiankong jikson.silva jnzhu joaquim john julia julie k.khemili k3 k3admin k3mid k8h3d k8team kasir kefu kf khac kiki kiki64 king kingsoft kino kiuchi kjtx-app kpichon kris kt_amthanh kyocera laixiaoping landing laptop lawson lb lee lekar lenovo lib lin linker lisa lixiang logmeinremoteuser lokesh long longchengmin lonsun lucas lucyna ly m@stercabo02 mac001 mac008 mail maintenance manager manutencao mapanpan.com marcelo mark martin master meeting mehmet memeda$ memoria mexal michael michele michelle mike milan minku mis7-11 mm123$ mobile momaction money03 monitor2 mssql msxtest mt mtadmin multi murali myAppuser mysql n2p_service nam named nbwebsvc ncjm ndbuser net newbee niaoyun ntsec_admin office1 office12 oficina oni.killer operador operations operator oppo ops oracle oradvin ospite p@ssw0rd pack02 pando pang partage parts paul payu123 pc pc01 pc1 pc2 pcremote pdd94 pedro personal peter phong php pintandohuellas plotter pluser pmonroy pnp-3 pohoda pooluser pos2 postgres posto ppd94 praca pradip prasant print printer producao proxtestes prueba pub public qaz qdsc001 qingwa quipro quyenly qwe123 raggi raj rameshnagar ras_admin rasadmin rascom rdp recepcao reception reception2 red redidc regent remote remote03 remote1 remote_RANNY remote_SUSI remoto remoto7 rendamatriz resource richard ricoh rita roberto robin robinho roma root rrhh rsb rsvp rsync ruanyuxi saazdepusr sadmin sales sandy santosh sapuser sbadmin scott security server server1 share sharepoint shdmt shekhar shipping shob sidexis4service silvia simon@kx.com.tw single_login sistema sitef smc20_service_user softland sonia sonicwall sql sql2008serveruser sql2012serveruser sqladmin sraplocaluser srv_support srvac-sql2008 ssh staff station104 stiis store sugar supervisor suporte suporte2 support sustemsoon sy007 sync sys_lzp sysadmin sysmain systemD t00ls t1 taidu talink tapas teSt tech tecnico telmix03 telmix06 telmix07 telmix08 temp tempadmin template teresa test test001 test02 test1 test11 test123 test2 test_web2 testalentus teste teste1 tester testl testu testuser text tfsservice thomas tianzhi tizio.caio tlp tnRr4u tnt3 tony totem tracy trainee trainer transfer treinamento trfd trs4 ts01 ts1 tse3 tsplus tuLXkB tuser tuser1 tuser2 tx tyadxl.com u009 uat uficc un update uploader urouter usautodiller user user003 user01 user02 user03 user06 user07 user1 user10 user11 user12 user2 user20 user3 user4 user5 user6 user7 user9 userser1 usestudio usuario va_002 va_admin vagrant vendas ventas vente vetvault victor villamenzel visitor vmadmin vpn vpn01 vpn02 vpn03 vpn1 vpn123 vpn2 vpn3 vpn4 vpnuser vpnvpn vuser vuser01 vuser03 wael wangyuadmin wdigm web web-shell web1 web2 web3 webadmin webcom webengine weblynx website websocket wei.wu win002 win008 win009 win2 win3 win7 win8888 wind windows woman3 woman4 worker wun-11 www_alkinoto wxw120.com wy wz xbox xgvpn1001 xgvpn1002 xiaba xiangtong xiaodong xiaoshanpao xinronglin xlsoftdba xray xx xytrans_06 yan ycsd_iis ye323w yefucong yh yi yibackup ying yoke yt zah zak zctai zhangronghua zhaojiabin zhaowei zhucong zq zq001 АДМ АДМИН АДМИН1 АДМИН2 АДМИНИСТРАТОР АНАТОЛИЙ АНДРЕЙ БУГАЛТЕР БУХ БУХ1 БУХ2 БУХ3 БУХГАЛТЕР БУХГАЛТЕРИЯ ГЛАВБУХ ГЛБУХ ДИМА ДИРЕКТОР ИРИНА КАТЯ КЛИЕНТ КОСТЯ МАГАЗИН МЕНЕДЖЕР МЕНЕДЖЕР1 МЕНЕДЖЕР2 НАТАША ОЛЕГ ОФИС РЕСТОРАН РОМА РОМАН САША СЕКРЕТАРЬ СЕРГЕЙ СИС.АДМИН СКЛАД ТЕСТ

Russia, Moscow Tera Telecom Ltd

Vietnam, Quận Đống Đa vnnic.vn

Netherlands, Amsterdam HostSlick

Vietnam, Quận Đống Đa vnnic.vn

India, Chennai Linode

United States, Kansas City Heymman Servers Corporation

Russia, Moscow Kisara LLC

Russia, Moscow Starcrecium Limited

Russia, Moscow CTC-IPOE

Russia, Moscow Int-Inform Network

Lithuania, Vilnius route object for 45.125.66.0/24

Russia, Kazan route object for TATTELECOM

Brazil, Sao Paulo EQUINIX BRASIL

Russia, Perm PermInterCom Company's Public Networks

Russia, Moscow CRONYX

Poland, Warsaw MEVSPACE sp. z o.o.

Russia, Novosibirsk JSC Avantel

Russia, Saint Petersburg WestCall-NET

Russia, Moscow Kisara LLC

Russia, Moscow spd-mgts.ru

Mongolia, Ulaanbaatar Netcom98

Argentina, Buenos Aires NAVTEQ ARGENTINA SRL

Russia, Verkh-Isetskiy FTTB

Czech Republic, Prague EE

Netherlands, Amsterdam Flyservers S.A.

Belarus, Kolodishchi Aktivnie Tehnologii LLC

Vietnam, Đăk Yă EZCONNECT-VN

Russia, Moscow Kisara LLC

Vietnam, Thị Xã Cai Lậy FPT Telecom Company

Russia, Centralniy Rostelecom networks

Vietnam, Quận Đống Đa VIETSERVER-VN

Spain, Madrid RIMA (Red IP Multi Acceso)

Netherlands, Honselersdijk Global Layer network

Greece, Athens FORTH-CRS

Ukraine, Kiev TOV VAIZ PARTNER

Russia, Moscow Cloud Technologies LLC trading as Cloud.ru

Armenia, Abovyan GNC-Alfa CJSC

Russia, Barnaul Inteleca

Russia, Moscow AVK-Wellcom Ltd.

India, Noida Route Object

Russia, Irkutsk Electronniy gorod, Ltd.

Russia, Ufa RU, Ufa, JSC Bashinformsvyaz, RUMS

Russia, Vidnoe Skynetcom sprud

Poland, Warsaw MEVSPACE sp. z o.o.

United States, Kansas City DediOutlet, LLC

Russia, Kemerovo Goodline.info

Lithuania, Vilnius route object for 45.125.66.0/24

Kazakhstan, Almaty TOO Kompaniya Hoster.KZ

Russia, Lipetsk JSC ER-Telecom Holding Lipetsk Branch

Russia, Moscow TI route block

Russia, Vladivostok OCTOPUSNET NETWORK

Russia, Slyudyanskiy Rayon Delovaya Set' - Irkutsk

Ukraine, Kiev TOV VAIZ PARTNER

Russia, Syktyvkar Rostelecom networks

Netherlands, Amsterdam Dmitriy Panchenko

Poland, Warsaw MEVSPACE sp. z o.o.

Russia, Saint Petersburg Red Byte LLC

Russia, Yekaterinburg LLC Sviaz Plus

Russia, Moscow Republican Unitary Enterprise Abkhazsvyaz

Netherlands, Amsterdam Aeza International LTD

Kazakhstan, Almaty Uchet.Bukhgalteriya

India, Patna actcorp.in

Brazil, Chapecó Interone Telecom Ltda

United Kingdom, London HostSlick

Vietnam, Quận Đống Đa vnnic.vn

Singapore, Singapore Linode

Russia, Vladivostok RU-VL-PODRYAD

Germany, Frankfurt Aeza International LTD

Russia, Perm JSC ER-Telecom Holding

Vietnam, Quận Đống Đa vnnic.vn

Russia, Novosibirsk Adman LLC

Poland, Warsaw MEVSPACE sp. z o.o.

Poland, Warsaw MEVSPACE

Russia, Moscow Closed Joint Stock Company CROC incorporated

Lithuania, Vilnius route object for 45.125.66.0/24

Russia, Saint Petersburg MediaLand

India, Mumbai RedSwitches Pty Ltd

Russia, Moscow JSC Sevastopol Telekom

Russia, Saint Petersburg P.A.K.T LLC

United Kingdom, London UNMANAGED-LTD

Russia, Tsentral'nyy PJSC Rostelecom North-West Region

Sweden, Stockholm Aeza International LTD

Latvia, Riga VEESP datacenter clients

Russia, Moscow dct subnet 2

Iran, Tehran Dade Pardazi Mobinhost Co LTD

Netherlands, Amsterdam XHOST INTERNET SOLUTIONS LP Suite 6060

Russia, Moscow Z-Telecom Ltd

Netherlands, Amsterdam HostSlick

Moldova, Chișinău JSC MOLDTELECOM SA

Russia, Saint Petersburg Comfortel Ltd.

Russia, Yekaterinburg Rostelecom networks

Russia, Saint Petersburg CrimeaCom South LLC

Germany, Frankfurt FRA

Germany, Frankfurt M247 Ltd Frankfurt

Poland, Warsaw MEVSPACE sp. z o.o.

Kazakhstan, Almaty Jusan Mobile JSC

United Kingdom, London HostSlick

Poland, Warsaw MEVSPACE sp. z o.o.

France, Roubaix Liong Ho Fah

Russia, Barnaul Allocation for Altay regional branch of OJSC Sibirtelecom

Kazakhstan, Nur-Sultan Kar-Tel LLC

Russia, Bryansk JSC ER-Telecom Holding Bryansk Branch

Lithuania, Vilnius route object for 45.125.66.0/24

Russia, Tyumen A-Sity network

Russia, Perm Alviva Holding Limited

Venezuela, Caracas Cloud Solutions S.A.

Russia, Kazan JSC ER-Telecom Holding Kazan' Branch

Kazakhstan, Almaty NLS Networks for Clients

Russia, Moscow TI route block

Russia, Moscow PJSC Vimpelcom

Russia, Moscow Starcrecium Limited

Russia, Yekaterinburg JSC ER-Telecom Holding Yekaterinburg Branch

Russia, Moscow Thyphone Communications LLC

Russia, Moscow IE Levin Anton Aleksandrovich

Russia, Saint Petersburg Comfortel Ltd.

Netherlands, Amsterdam Dmitriy Panchenko

MAMKNHb| XAKEPb|

брутфорсят RDP