From: Santosh Shelke (santosh.shelke@acm.co.in)
Date: Thu Sep 07 2006 - 03:20:19 EDT
Hi joshu
a dll in Windows XP == which one ???
----- Original Message -----
From: "joshua barker" <joshua.barker@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, September 07, 2006 12:18 AM
Subject: Re: Windows Independant GUI
> You can change a dll in Windows XP with an older version plus a
> registry setting to allow as many concurrent terminal service sessions
> as you need. Also, remote desktop is inherently more reliable than vnc
> as I have had it crash on me several inopportune times.
>
> On 9/6/06, Marios A. Spinthiras <mario@netway.com.cy> wrote:
> > Goodmorning,
> >
> > You are right upon the terminal services but with regards to the user
> > being "kicked off" this is meer configuration. There are actual RDP
> > lisences that you can purchase from windows. Many people in a corporate
> > environment do so. In a single "poor man's" setup with RDP the event you
> > referred to will occur. Yet again a "poor man's" setup is VNC in most
> > cases :P Personally I dont use windows that much and definately not RDP!
> > VNC has done fine for the passing years and I dont see why it wouldnt
> > for the upcoming years.
> >
> > Many Thanks,
> > Mario A. Spinthiras
> >
> >
> >
> > Beauford, Jason wrote:
> > > Isaac Van Name wrote:
> > >
> > >> For the record, Remote Desktop Connection only spawns another
> > >> "virtual desktop" on a system running Terminal Services (Server 2003
> > >> and, I believe, Server 2000). Windows XP runs Terminal Services Lite
> > >> and, as such, Remote Desktop Connection used on a Windows XP box will
> > >> kick off the user currently logged in. WinConnect XP Server is an
> > >> option to get multiple RDP sessions, and I'm sure others know of
> > >> better ways (or, at least, I hope so), as WinConnect is not cheap.
> > >>
> > >> Isaac Van Name
> > >>
> > >> -----Original Message-----
> > >> From: Marios A. Spinthiras [mailto:mario@netway.com.cy]
> > >> Sent: Tuesday, September 05, 2006 5:02 AM
> > >> To: pen-test@securityfocus.com
> > >> Subject: Re: Windows Independant GUI
> > >>
> > >> Remote Desktop Connection spawns another "virutal desktop" under the
> > >> account credentials you specify. This is unlike VNC which simply
> > >> connects to the active display of the user currently logged on. If
> > >> VNC is running as a system service it still means that you will be
> > >> connecting to the Administrator account. If the station is locked
> > >> (ALT CTRL DEL) then you will be looking at the same screen that the
> > >> user looks at when he looks at the monitor of the workstation.
> > >> Disregarding that simply for aesthetic purposes , what you need is a
> > >> RDP like connection.
> > >>
> > >> Regards,
> > >> Mario A. Spinthiras
> > >>
> > >> One2@onetwo.com wrote:
> > >>
> > >>> Hey All,
> > >>>
> > >>> After compromising Windows workstations I am able to gain a remote
> > >>> GUI via
> > >>>
> > >> either Terminal Services, VNC, GetScreen, etc.
> > >>
> > >>> However, this remote access gives me access to the user's GUI, which
> > >>>
> > >> limits me to using the GUI when they seem to have left for lunch. ;o)
> > >>
> > >>> Does anyone know of any way that I can gain an independant GUI so
> > >>> that I
> > >>>
> > >> can use and install GUI software to continue the attack, without
> > >> having to worry about whether the user is using their GUI?
> > >>
> > >>> All ideas are welcome.
> > >>>
> > >
> > > My opinion is that the more programs you install, the more likely you
> > > are to be detected. CLI equivalents should be used instead of trying
to
> > > use GUI interfaces.
> > >
> > > That aside, this hack may help you. I've never tried myself so I
cannot
> > > report on it. Just putting it out there for you to try.
> > >
> > > http://sig9.com/articles/concurrent-remote-desktop
> > >
> > >
> > > Kind Regards,
> > >
> > > JMB
> > >
> > >
> > >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php
> > ------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:55 EDT