FreeRDP
FreeRDP
섹션 제목: “FreeRDP”FreeRDP is a free and open-source implementation of the Remote Desktop Protocol (RDP). It allows you to connect to and control Windows systems remotely from Linux, macOS, and other Unix-like systems. FreeRDP provides both a command-line client (xfreerdp) and libraries for developers.
Installation
섹션 제목: “Installation”Linux (Debian/Ubuntu)
섹션 제목: “Linux (Debian/Ubuntu)”# Install FreeRDP
sudo apt-get update
sudo apt-get install freerdp2-x11
# Install command-line tools
sudo apt-get install freerdp2-bin
# Verify installation
xfreerdp --version
# Install additional tools
sudo apt-get install freerdp2-dev freerdp2-waylandLinux (Fedora/RHEL)
섹션 제목: “Linux (Fedora/RHEL)”# Install FreeRDP
sudo dnf install freerdp
# Verify installation
xfreerdp --versionmacOS
섹션 제목: “macOS”# Install via Homebrew
brew install freerdp
# Verify installation
xfreerdp --version
# Optional: GUI client
brew install --cask freerdpAlpine Linux
섹션 제목: “Alpine Linux”# Install FreeRDP
apk add freerdp
# Verify
xfreerdp --versionBuild from Source
섹션 제목: “Build from Source”# Clone repository
git clone https://github.com/FreeRDP/FreeRDP.git
cd FreeRDP
# Install dependencies
sudo apt-get install build-essential git cmake libssl-dev libx11-dev
# Build and install
mkdir build && cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make
sudo make install
# Verify
xfreerdp --versionBasic Connection
섹션 제목: “Basic Connection”Simple RDP Connection
섹션 제목: “Simple RDP Connection”# Basic connection to Windows server
xfreerdp /v:192.168.1.100
# Connect with username
xfreerdp /v:192.168.1.100 /u:Administrator
# Connect with password
xfreerdp /v:192.168.1.100 /u:Administrator /p:password
# Connect using domain credentials
xfreerdp /v:192.168.1.100 /u:DOMAIN\\username /p:password
# Connect to specific port (default is 3389)
xfreerdp /v:192.168.1.100:3389 /u:AdministratorHostname and Domain Resolution
섹션 제목: “Hostname and Domain Resolution”# Connect using hostname
xfreerdp /v:windows-server /u:Administrator
# Use domain credentials
xfreerdp /v:192.168.1.100 /u:DOMAIN\\username
# Alternative domain syntax
xfreerdp /v:192.168.1.100 /d:DOMAIN /u:username
# Connect with UPN format
xfreerdp /v:192.168.1.100 /u:username@domain.comAuthentication Options
섹션 제목: “Authentication Options”Username and Password
섹션 제목: “Username and Password”# Interactive password prompt
xfreerdp /v:192.168.1.100 /u:Administrator
# Non-interactive (specify password)
xfreerdp /v:192.168.1.100 /u:Administrator /p:MyPassword123
# Empty password
xfreerdp /v:192.168.1.100 /u:Administrator /p:""
# Read password from stdin
echo "MyPassword" | xfreerdp /v:192.168.1.100 /u:Administrator /p:-Smart Card Authentication
섹션 제목: “Smart Card Authentication”# Use smart card for authentication
xfreerdp /v:192.168.1.100 /sc
# Specify smart card reader
xfreerdp /v:192.168.1.100 /sc /sc:reader-name
# List available readers
opensc-tool -lNetwork Level Authentication (NLA)
섹션 제목: “Network Level Authentication (NLA)”# Enable NLA (enabled by default in many builds)
xfreerdp /v:192.168.1.100 /u:Administrator /nla
# Disable NLA if causing issues
xfreerdp /v:192.168.1.100 /u:Administrator -nla
# Force NLA
xfreerdp /v:192.168.1.100 /u:Administrator /nla:forceDisplay and Resolution
섹션 제목: “Display and Resolution”Screen Resolution
섹션 제목: “Screen Resolution”# Full screen
xfreerdp /v:192.168.1.100 /f
# Specific resolution (1920x1080)
xfreerdp /v:192.168.1.100 /w:1920 /h:1080
# Common resolutions
xfreerdp /v:192.168.1.100 /w:1024 /h:768
xfreerdp /v:192.168.1.100 /w:1280 /h:1024
xfreerdp /v:192.168.1.100 /w:1920 /h:1200
# Percentage of screen
xfreerdp /v:192.168.1.100 /p:85
# Smart sizing (resize with window)
xfreerdp /v:192.168.1.100 /smart-sizingColor Depth
섹션 제목: “Color Depth”# 8-bit color (256 colors)
xfreerdp /v:192.168.1.100 /bpp:8
# 15-bit color
xfreerdp /v:192.168.1.100 /bpp:15
# 16-bit color (65536 colors)
xfreerdp /v:192.168.1.100 /bpp:16
# 24-bit color (16 million colors)
xfreerdp /v:192.168.1.100 /bpp:24
# 32-bit color
xfreerdp /v:192.168.1.100 /bpp:32Display Options
섹션 제목: “Display Options”# Disable wallpaper
xfreerdp /v:192.168.1.100 -wallpaper
# Disable window decoration
xfreerdp /v:192.168.1.100 -decoration
# Hide remote window title
xfreerdp /v:192.168.1.100 /wt:"My Session"
# Set window title
xfreerdp /v:192.168.1.100 /wt:"Production Server"Drive and Resource Redirection
섹션 제목: “Drive and Resource Redirection”Drive Redirection
섹션 제목: “Drive Redirection”# Redirect home directory
xfreerdp /v:192.168.1.100 /drive:home,/home/user
# Redirect specific directory
xfreerdp /v:192.168.1.100 /drive:shared,/mnt/shared
# Redirect multiple drives
xfreerdp /v:192.168.1.100 /drive:home,/home/user /drive:data,/data
# Redirect entire home
xfreerdp /v:192.168.1.100 /drive:home,/home
# Make drive read-only
# Note: Use separate sessions or check FreeRDP version capabilitiesClipboard Redirection
섹션 제목: “Clipboard Redirection”# Enable clipboard sharing (often default)
xfreerdp /v:192.168.1.100 /clipboard
# Disable clipboard
xfreerdp /v:192.168.1.100 -clipboard
# Clipboard in both directions
xfreerdp /v:192.168.1.100 /clipboard +clipboardAudio Redirection
섹션 제목: “Audio Redirection”# Redirect audio to local system
xfreerdp /v:192.168.1.100 /audio
# Specify audio driver
xfreerdp /v:192.168.1.100 /audio:sys:pulse
# Disable audio
xfreerdp /v:192.168.1.100 -audio
# Record audio remotely only
xfreerdp /v:192.168.1.100 /audio-mode:1Printer Redirection
섹션 제목: “Printer Redirection”# Redirect printers
xfreerdp /v:192.168.1.100 /printer
# Redirect specific printer
xfreerdp /v:192.168.1.100 /printer:HP-Printer
# Disable printer redirection
xfreerdp /v:192.168.1.100 -printerUSB Redirection
섹션 제목: “USB Redirection”# Redirect USB device by vendor:product ID
xfreerdp /v:192.168.1.100 /usb:id=1234:5678
# Redirect all USB devices
# Note: May require additional FreeRDP build with USB support
xfreerdp /v:192.168.1.100 /usb-device:*Gateway and Network
섹션 제목: “Gateway and Network”RDP Gateway (RDG)
섹션 제목: “RDP Gateway (RDG)”# Connect through RDP Gateway
xfreerdp /v:internal-server /gw:gateway.example.com /u:Administrator
# Specify gateway username
xfreerdp /v:internal-server /gw:gateway.example.com /gu:gateway-user /gp:gateway-pass
# Gateway with domain
xfreerdp /v:internal-server /gw:gateway.example.com /gd:DOMAIN /gu:username
# Disable gateway
xfreerdp /v:192.168.1.100 /nogwVPN and Proxy
섹션 제목: “VPN and Proxy”# Connect through standard port
xfreerdp /v:192.168.1.100:3389
# Non-standard RDP port
xfreerdp /v:192.168.1.100:13389
# Via SSH tunnel (set up separately)
# ssh -L 3389:192.168.1.100:3389 proxy-host
xfreerdp /v:localhost:3389
# Multiple server connection (some versions)
xfreerdp /v:vpn-gateway /u:AdministratorSecurity and Encryption
섹션 제목: “Security and Encryption”TLS and Certificate Handling
섹션 제목: “TLS and Certificate Handling”# Accept self-signed certificates
xfreerdp /v:192.168.1.100 /cert-ignore
# Verify certificate
xfreerdp /v:192.168.1.100 /cert-name:server.example.com
# Specify certificate file
xfreerdp /v:192.168.1.100 /cert:~/certs/server.pem
# Require certificate validation
xfreerdp /v:192.168.1.100 /cert-tofuEncryption Options
섹션 제목: “Encryption Options”# Force RDP Security Layer
xfreerdp /v:192.168.1.100 /sec:rdp
# Force TLS Security Layer
xfreerdp /v:192.168.1.100 /sec:tls
# Force Negotiate (Kerberos/NTLM)
xfreerdp /v:192.168.1.100 /sec:nla
# Allow all supported methods
xfreerdp /v:192.168.1.100 /sec:*Encryption Strength
섹션 제목: “Encryption Strength”# Standard encryption
xfreerdp /v:192.168.1.100 /encryption-level:client
# High encryption
xfreerdp /v:192.168.1.100 /encryption-level:high
# FIPS encryption
xfreerdp /v:192.168.1.100 /encryption-level:fipsPerformance Options
섹션 제목: “Performance Options”Bandwidth Optimization
섹션 제목: “Bandwidth Optimization”# Disable desktop wallpaper
xfreerdp /v:192.168.1.100 -wallpaper
# Disable visual styles
xfreerdp /v:192.168.1.100 -themes
# Disable menu animations
xfreerdp /v:192.168.1.100 -anim
# Disable smooth scrolling
xfreerdp /v:192.168.1.100 -menu-anims
# Disable window contents
xfreerdp /v:192.168.1.100 -window-dragNetwork Performance
섹션 제목: “Network Performance”# Use compression
xfreerdp /v:192.168.1.100 /compression
# Specify compression algorithm
xfreerdp /v:192.168.1.100 /compression:on
# Disable compression
xfreerdp /v:192.168.1.100 -compression
# Reduce color depth for bandwidth
xfreerdp /v:192.168.1.100 /bpp:16
# Slower network (adjust settings)
xfreerdp /v:192.168.1.100 -wallpaper -themes /bpp:16 /compressionLatency and Input
섹션 제목: “Latency and Input”# Enable mouse motion
xfreerdp /v:192.168.1.100 /motion
# Disable mouse motion (faster)
xfreerdp /v:192.168.1.100 -motion
# Relative mouse movement
xfreerdp /v:192.168.1.100 /mouse-motionCommon Penetration Testing Uses
섹션 제목: “Common Penetration Testing Uses”Pass-the-Hash (PTH) RDP
섹션 제목: “Pass-the-Hash (PTH) RDP”# Requires compatible FreeRDP build or Restricted Admin mode
# Connect using NTLM hash instead of password
xfreerdp /v:192.168.1.100 /u:Administrator /pth:E52CAC67419A6A2342BB43AB6BD5C81F
# With domain
xfreerdp /v:192.168.1.100 /u:DOMAIN\\Administrator /pth:HASH
# Verify hash format (LM:NT hash)
xfreerdp /v:192.168.1.100 /u:user /pth:LM_HASH:NT_HASHRestricted Admin Mode
섹션 제목: “Restricted Admin Mode”# Enable Restricted Admin for pass-the-hash
xfreerdp /v:192.168.1.100 /restrictedadmin
# Combine with credentials
xfreerdp /v:192.168.1.100 /u:Administrator /restrictedadminSession Hijacking Testing
섹션 제목: “Session Hijacking Testing”# Connect as specific user
xfreerdp /v:192.168.1.100 /u:Administrator
# Monitor active sessions
# Run inside RDP: Get-Process (PowerShell)
# Attempt connection with different credentials
xfreerdp /v:192.168.1.100 /u:DOMAIN\\userLateral Movement
섹션 제목: “Lateral Movement”# Initial compromise
xfreerdp /v:gateway-host /u:compromised-user
# Connect to internal server through gateway
xfreerdp /v:internal-server /gw:gateway-host /gu:compromised-user
# Chain RDP connections
# First connection
xfreerdp /v:192.168.1.100
# From within RDP, run another xfreerdp for second system
# xfreerdp /v:192.168.1.200Advanced Configuration
섹션 제목: “Advanced Configuration”Combined Options Example
섹션 제목: “Combined Options Example”# Comprehensive secure connection
xfreerdp \
/v:192.168.1.100 \
/u:DOMAIN\\Administrator \
/nla \
/w:1920 /h:1080 \
/bpp:24 \
/drive:home,/home/user \
/clipboard \
/audio \
/compression \
/cert-ignore
# Lightweight connection for slow network
xfreerdp \
/v:192.168.1.100 \
/u:Administrator \
/w:1024 /h:768 \
/bpp:16 \
-wallpaper -themes -menu-anims \
/compression
# High-security lab testing
xfreerdp \
/v:192.168.1.100 \
/u:Administrator \
/sec:nla \
/cert-ignore \
/restrictedadminConfiguration Files
섹션 제목: “Configuration Files”# Create connection profile
cat > ~/.freerdp/profile.rdp << EOF
server=192.168.1.100
username=Administrator
domain=DOMAIN
resolution=1920x1080
color-depth=24
drive=home,/home/user
audio=on
compression=on
EOF
# Use profile
xfreerdp ~/.freerdp/profile.rdpTroubleshooting
섹션 제목: “Troubleshooting”Connection Issues
섹션 제목: “Connection Issues”# Test connectivity
ping 192.168.1.100
# Check RDP port
telnet 192.168.1.100 3389
# Enable verbose output
xfreerdp /v:192.168.1.100 /v:3
# Debug mode
xfreerdp /v:192.168.1.100 /log-level:debugCommon Errors
섹션 제목: “Common Errors”| Error | Solution |
|---|---|
| Connection refused | Check RDP port, enable RDP on target |
| Authentication failed | Verify credentials, check NLA settings |
| Timeout | Check firewall, routing, gateway |
| Certificate error | Use /cert-ignore or verify certificate |
| Display issues | Adjust resolution, reduce color depth |
Performance Issues
섹션 제목: “Performance Issues”# Reduce visual effects
xfreerdp /v:192.168.1.100 -wallpaper -themes /bpp:16
# Enable compression
xfreerdp /v:192.168.1.100 /compression
# Use lower resolution
xfreerdp /v:192.168.1.100 /w:1024 /h:768
# Check local system resources
top
free -hResources and Help
섹션 제목: “Resources and Help”Getting Help
섹션 제목: “Getting Help”# List all available options
xfreerdp --help
# Show detailed option help
xfreerdp --help-options
# Show channel options
xfreerdp --help-channels
# Version information
xfreerdp --version
# Configuration examples
man xfreerdpOfficial Links
섹션 제목: “Official Links”# GitHub repository
# https://github.com/FreeRDP/FreeRDP
# Wiki and documentation
# https://github.com/FreeRDP/FreeRDP/wiki
# Issue tracker
# https://github.com/FreeRDP/FreeRDP/issues