Full Disclosure mailing list archives
Re: Remote Desktop Command Fixation Attacks
From: <full-disclosure () hushmail com>
Date: Wed, 10 Oct 2007 14:05:28 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY On Wed, 10 Oct 2007 07:14:32 -0400 "pdp (architect)" <pdp.gnucitizen () googlemail com> wrote:
http://www.gnucitizen.org/blog/remote-desktop-command-fixation- attacks Security in depth does not exist! No matter what you do, dedicated attackers will always be able to penetrate your network. Seriously! Information security is mostly about risk assessment and crisis management. When it comes to exploitative penetration testing, I relay on tactics rather then exploits. I've already talked about how insecure Remote Desktop service could be. In this post I will show you how easy it is to compromise a well protected Windows Terminal or CITRIX server with a simple social engineering attack and some knowledge about the platform we are about to exploit. The attack is rather simple. All the bad guys have to do is to compose a malicious RDP (for Windows Terminal Services) or ICA (for CITRIX) file and send it to the victim. The victim is persuaded to open the file by double clicking on it. When the connection is established, the user will enter their credentials to login and as such let the hackers in. Vicious! I have a more detailed explanation about the tactics behind this attack. Because I don't want to spam people with tones of text, I just included a link which you can follow. Hope that this is useful and at the same time eye opening, not that it is something completely amazing. But it does work and it works well. cheers. -- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Charset: UTF8 Version: Hush 2.5 wpwEAQECAAYFAkcNFGgACgkQ+dWaEhErNvS4wwQAj8LqbxzIYoXodiXgspcs/YDG0/a8 oNPk3PsmOKHp7N7jVObIEDPjCgGHMRrPfHIEjys5EBTkVr/wq7/y6XPQLdyzIu5VyFE2 04q7slbdkrfImgByVX2itNYDJ5JlbzqrakxxZ9TVrNqqXtjWhw4IN90jDMo8tLoQT0V4 7xtyuiU= =mlsP -----END PGP SIGNATURE----- -- Click for free info on business schools, $150K/ year potential. http://tagline.hushmail.com/fc/Ioyw6h4dC6kbhaI6CLIgyWpO60jMWLXpHtbVzuYHwGilHWig7GUYZK/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Remote Desktop Command Fixation Attacks, (continued)
- Re: Remote Desktop Command Fixation Attacks Xo Plague (Oct 11)
- Re: Remote Desktop Command Fixation Attacks Pete Simpson (Oct 12)
- Re: Remote Desktop Command Fixation Attacks John C. A. Bambenek, CISSP (Oct 11)
- Re: Remote Desktop Command Fixation Attacks Thor (Hammer of God) (Oct 12)
- Re: Remote Desktop Command Fixation Attacks pdp (architect) (Oct 13)
- Re: Remote Desktop Command Fixation Attacks C Q (Oct 14)
- Re: Remote Desktop Command Fixation Attacks pdp (architect) (Oct 15)
- Re: Remote Desktop Command Fixation Attacks C Q (Oct 14)
- Re: Remote Desktop Command Fixation Attacks gjgowey (Oct 15)
- Re: Remote Desktop Command Fixation Attacks James (njan) Eaton-Lee (Oct 15)
- Re: Remote Desktop Command Fixation Attacks Valdis . Kletnieks (Oct 11)