Passwordless RDP Session Hijacking Feature All Windows versions

Um... so easy I did it in about 15 minutes in my lab setup at home. HOLY S****!

Attack Vector Details:

- A privileged user, which can gain command execution with NT AUTHORITY/SYSTEM rights can hijack any currently logged in user's session, without any knowledge about his credentials.

- Terminal Services session can be either in connected or disconnected state.

This is high risk vulnerability which allows any local admin to hijack a session and get access to:
1. Domain admin session.
2. Any unsaved documents, that hijacked user works on.
3. Any other systems/applications in which hijacked user previously logged in (May include another Remote Desktop sessions, Network Share mappings, applications which require another credentials, E-mail etc.)
feature 

This was a translated article so some of the wording is a bit off but most of it is more than readable. - Check out the article here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Get Back the WinX power user menu Control Panel Post Creators Udpate
    Written by

    Da Boss!

    Get Back the WinX power user menu Control Panel Post Creators Udpate As MS moves more and more of the old school…
    Read more...
  • Nearly all WannaCry victims were running Windows 7
    Written by

    Da Boss!

    Nearly all WannaCry victims were running Windows 7 Yep... and this will continue until people start to get…
    Read more...
  • New Tool Could Liberate PCs Infected With WannaCry
    Written by

    Da Boss!

    New Tool Could Liberate PCs Infected With WannaCry Huh....well, if you happen to be one of the MANY…
    Read more...
  • Code 80243004 – Windows Update encountered an unknown error - FIX
    Written by

    Da Boss!

    Code 80243004 – Windows Update encountered an unknown error - FIX This is one of those fixes you would NEVER have…
    Read more...
  • Unpatched Windows OS on the Rise
    Written by

    Da Boss!

    Unpatched Windows OS on the Rise I put this up to remind you all to PATCH…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.