Blog Post
Wait a minute! I just had to retry the lab again to make sure I wasn't going crazy. On step 1 my 'OffensiveAdmin' password was expired:
$ xfreerdp /v:10.102.57.161 /u:OffensiveAdmin /p:"It'sBlankAnyway" /cert-ignore +clipboard
[19:30:32:656] [56154:56155] [ERROR][com.freerdp.core] - nla_recv_pdu:freerdp_set_last_error_ex ERRCONNECT_PASSWORD_EXPIRED [0x0002000E]
I had to find another "hack" to bypass and login to RDP with expired password.
Did I break something? Or did StefanApostol give me a personal extra challenge?
- steven2 days ago
Silver II
https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
I was able to just RDP into it:xfreerdp /v:10.102.191.140 /u:'OffensiveAdmin' /dynamic-resolution /cert-ignore +clipboard +drives /drive:root,/home/kali
(and then filling in the pwd)
- Xat2 days ago
Bronze III
It works for me now too (should have been more clear). I had to get the above error from my logs. No idea what I did wrong back then (was a fun extra challenge).