Passwordless RDP Session Hijacking Feature All Windows versions

Um... so easy I did it in about 15 minutes in my lab setup at home. HOLY S****!

Attack Vector Details:

- A privileged user, which can gain command execution with NT AUTHORITY/SYSTEM rights can hijack any currently logged in user's session, without any knowledge about his credentials.

- Terminal Services session can be either in connected or disconnected state.

This is high risk vulnerability which allows any local admin to hijack a session and get access to:
1. Domain admin session.
2. Any unsaved documents, that hijacked user works on.
3. Any other systems/applications in which hijacked user previously logged in (May include another Remote Desktop sessions, Network Share mappings, applications which require another credentials, E-mail etc.)
feature 

This was a translated article so some of the wording is a bit off but most of it is more than readable. - Check out the article here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Windows Patch Cleaner
    Written by
    Windows Patch Cleaner This is one of those utilities I will be installing…
    Read more...
  • The Coolest Thing On Instagram I Have Ever Seen
    Written by
    The Coolest Thing On Instagram I Have Ever Seen Honestly, this might he coolest thing I have ever seen…
    Read more...
  • Retired Husband (Humor) WalMart is Involved.
    Written by
    Retired Husband (Humor) WalMart is Involved. It's been a REALLY crappy week so far and this…
    Read more...
  • Outlook known issues in the June 2017 security updates
    Written by
    Outlook known issues in the June 2017 security updates Well folks, these issues cover every version of Outlook back…
    Read more...
  • Steam Summer Sale Confirmed - 6-22-17 - 1:00 PM EST
    Written by
    Steam Summer Sale Confirmed - 6-22-17 - 1:00 PM EST Find Visa wife doesn't know about? - check! 
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.