AnsweredAssumed Answered

Parser to enumerate RDP username.

Question asked by RSA Admin Employee on Nov 26, 2012
Latest reply on Nov 12, 2018 by Eric Partington

Hello all,



I figured someone has probably done this before so i figured i would ask on the board first before i start working on this.


Has anyone created a parser to get the mstshash value inside RDP sessions in order to help detect which accounts are being targetted in brute force attacks ?



i.e:"   àCookie: mstshash=administrator