Categories: safe, discovery
Determines which Security layer and Encryption level is supported by the RDP service. It does so by cycling through all existing protocols and ciphers. When run in debug mode, the script also returns the protocols and ciphers that fail and any errors that were reported.
The script was inspired by MWR's RDP Cipher Checker http://labs.mwrinfosecurity.com/tools/2009/01/12/rdp-cipher-checker/
nmap -p 3389 --script rdp-enum-encryption <ip>
PORT STATE SERVICE 3389/tcp open ms-wbt-server | Security layer | CredSSP (NLA): SUCCESS | CredSSP with Early User Auth: SUCCESS | Native RDP: SUCCESS | RDSTLS: SUCCESS | SSL: SUCCESS | RDP Encryption level: High | 40-bit RC4: SUCCESS | 56-bit RC4: SUCCESS | 128-bit RC4: SUCCESS | FIPS 140-1: SUCCESS |_ RDP Protocol Version: RDP 5.x, 6.x, 7.x, or 8.x server
License: Same as Nmap--See https://nmap.org/book/man-legal.html