Passwordless RDP Session Hijacking Feature All Windows versions

Um... so easy I did it in about 15 minutes in my lab setup at home. HOLY S****!

Attack Vector Details:

- A privileged user, which can gain command execution with NT AUTHORITY/SYSTEM rights can hijack any currently logged in user's session, without any knowledge about his credentials.

- Terminal Services session can be either in connected or disconnected state.

This is high risk vulnerability which allows any local admin to hijack a session and get access to:
1. Domain admin session.
2. Any unsaved documents, that hijacked user works on.
3. Any other systems/applications in which hijacked user previously logged in (May include another Remote Desktop sessions, Network Share mappings, applications which require another credentials, E-mail etc.)
feature 

This was a translated article so some of the wording is a bit off but most of it is more than readable. - Check out the article here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Remote Server Administration Tools for Windows 10
    Written by

    Da Boss!

    Remote Server Administration Tools for Windows 10 Download away!
    Read more...
  • How to make use of (Microsoft) Edge’s nifty reading features
    Written by

    Da Boss!

    How to make use of (Microsoft) Edge’s nifty reading features Not a fan of the Edge browser myself but a…
    Read more...
  • Whats new in Windows 10 Bash/WSL & Windows Console
    Written by

    Da Boss!

    Whats new in Windows 10 Bash/WSL & Windows Console I love how Microsoft is embracing Open Source with Windows 10.…
    Read more...
  • Activision announces 'Call Of Duty: World War II'
    Written by

    Da Boss!

    Activision announces 'Call Of Duty: World War II' So, it seems we are headed back to WW II…
    Read more...
  • WD Purple 1TB Surveillance Hard Disk Drive - 39.99 - WOOT Deal
    Written by

    Da Boss!

    WD Purple 1TB Surveillance Hard Disk Drive - 39.99 - WOOT Deal Only 15 hours left so if you want one you…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.