Re: Windows Independant GUI

From: joshua barker (joshua.barker@gmail.com)
Date: Wed Sep 06 2006 - 14:48:14 EDT


You can change a dll in Windows XP with an older version plus a
registry setting to allow as many concurrent terminal service sessions
as you need. Also, remote desktop is inherently more reliable than vnc
as I have had it crash on me several inopportune times.

On 9/6/06, Marios A. Spinthiras <mario@netway.com.cy> wrote:
> Goodmorning,
>
> You are right upon the terminal services but with regards to the user
> being "kicked off" this is meer configuration. There are actual RDP
> lisences that you can purchase from windows. Many people in a corporate
> environment do so. In a single "poor man's" setup with RDP the event you
> referred to will occur. Yet again a "poor man's" setup is VNC in most
> cases :P Personally I dont use windows that much and definately not RDP!
> VNC has done fine for the passing years and I dont see why it wouldnt
> for the upcoming years.
>
> Many Thanks,
> Mario A. Spinthiras
>
>
>
> Beauford, Jason wrote:
> > Isaac Van Name wrote:
> >
> >> For the record, Remote Desktop Connection only spawns another
> >> "virtual desktop" on a system running Terminal Services (Server 2003
> >> and, I believe, Server 2000). Windows XP runs Terminal Services Lite
> >> and, as such, Remote Desktop Connection used on a Windows XP box will
> >> kick off the user currently logged in. WinConnect XP Server is an
> >> option to get multiple RDP sessions, and I'm sure others know of
> >> better ways (or, at least, I hope so), as WinConnect is not cheap.
> >>
> >> Isaac Van Name
> >>
> >> -----Original Message-----
> >> From: Marios A. Spinthiras [mailto:mario@netway.com.cy]
> >> Sent: Tuesday, September 05, 2006 5:02 AM
> >> To: pen-test@securityfocus.com
> >> Subject: Re: Windows Independant GUI
> >>
> >> Remote Desktop Connection spawns another "virutal desktop" under the
> >> account credentials you specify. This is unlike VNC which simply
> >> connects to the active display of the user currently logged on. If
> >> VNC is running as a system service it still means that you will be
> >> connecting to the Administrator account. If the station is locked
> >> (ALT CTRL DEL) then you will be looking at the same screen that the
> >> user looks at when he looks at the monitor of the workstation.
> >> Disregarding that simply for aesthetic purposes , what you need is a
> >> RDP like connection.
> >>
> >> Regards,
> >> Mario A. Spinthiras
> >>
> >> One2@onetwo.com wrote:
> >>
> >>> Hey All,
> >>>
> >>> After compromising Windows workstations I am able to gain a remote
> >>> GUI via
> >>>
> >> either Terminal Services, VNC, GetScreen, etc.
> >>
> >>> However, this remote access gives me access to the user's GUI, which
> >>>
> >> limits me to using the GUI when they seem to have left for lunch. ;o)
> >>
> >>> Does anyone know of any way that I can gain an independant GUI so
> >>> that I
> >>>
> >> can use and install GUI software to continue the attack, without
> >> having to worry about whether the user is using their GUI?
> >>
> >>> All ideas are welcome.
> >>>
> >
> > My opinion is that the more programs you install, the more likely you
> > are to be detected. CLI equivalents should be used instead of trying to
> > use GUI interfaces.
> >
> > That aside, this hack may help you. I've never tried myself so I cannot
> > report on it. Just putting it out there for you to try.
> >
> > http://sig9.com/articles/concurrent-remote-desktop
> >
> >
> > Kind Regards,
> >
> > JMB
> >
> >
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:55 EDT