Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Windows Independant GUI
From: "joshua barker" <joshua.barker () gmail com>
Date: Wed, 6 Sep 2006 14:48:14 -0400

You can change a dll in Windows XP with an older version plus a
registry setting to allow as many concurrent terminal service sessions
as you need. Also, remote desktop is inherently more reliable than vnc
as I have had it crash on me several inopportune times.

On 9/6/06, Marios A. Spinthiras <mario () netway com cy> wrote:
Goodmorning,

You are right upon the terminal services but with regards to the user
being "kicked off" this is meer configuration. There are actual RDP
lisences that you can purchase from windows. Many people in a corporate
environment do so. In a single "poor man's" setup with RDP the event you
referred to will occur. Yet again a "poor man's" setup is VNC in most
cases :P Personally I dont use windows that much and definately not RDP!
VNC has done fine for the passing years and I dont see why it wouldnt
for the upcoming years.

Many Thanks,
Mario A. Spinthiras



Beauford, Jason wrote:
> Isaac Van Name wrote:
>
>> For the record, Remote Desktop Connection only spawns another
>> "virtual desktop" on a system running Terminal Services (Server 2003
>> and, I believe, Server 2000).  Windows XP runs Terminal Services Lite
>> and, as such, Remote Desktop Connection used on a Windows XP box will
>> kick off the user currently logged in.  WinConnect XP Server is an
>> option to get multiple RDP sessions, and I'm sure others know of
>> better ways (or, at least, I hope so), as WinConnect is not cheap.
>>
>> Isaac Van Name
>>
>> -----Original Message-----
>> From: Marios A. Spinthiras [mailto:mario () netway com cy]
>> Sent: Tuesday, September 05, 2006 5:02 AM
>> To: pen-test () securityfocus com
>> Subject: Re: Windows Independant GUI
>>
>> Remote Desktop Connection spawns another "virutal desktop" under the
>> account credentials you specify. This is unlike VNC which simply
>> connects to the active display of the user currently logged on. If
>> VNC is running as a system service it still means that you will be
>> connecting to the Administrator account. If the station is locked
>> (ALT CTRL DEL) then you will be looking at the same screen that the
>> user looks at when he looks at the monitor of the workstation.
>> Disregarding that simply for aesthetic purposes , what you need is a
>> RDP like connection.
>>
>> Regards,
>> Mario A. Spinthiras
>>
>> One2 () onetwo com wrote:
>>
>>> Hey All,
>>>
>>> After compromising Windows workstations I am able to gain a remote
>>> GUI via
>>>
>> either Terminal Services, VNC, GetScreen, etc.
>>
>>> However, this remote access gives me access to the user's GUI, which
>>>
>> limits me to using the GUI when they seem to have left for lunch. ;o)
>>
>>> Does anyone know of any way that I can gain an independant GUI so
>>> that I
>>>
>> can use and install GUI software to continue the attack, without
>> having to worry about whether the user is using their GUI?
>>
>>> All ideas are welcome.
>>>
>
> My opinion is that the more programs you install, the more likely you
> are to be detected.  CLI equivalents should be used instead of trying to
> use GUI interfaces.
>
> That aside, this hack may help you.  I've never tried myself so I cannot
> report on it.  Just putting it out there for you to try.
>
> http://sig9.com/articles/concurrent-remote-desktop
>
>
> Kind Regards,
>
> JMB
>
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]