Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows Independant GUI

From: Paolo Scarabelli <paolo () msw it>
Date: Tue, 05 Sep 2006 16:47:38 +0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there,

If you have full access to the compromised machine you may try to
install a software like Thinsoft WinConnect Server XP which allows you
to use an XP box as a terminal server.

In this way you can have several remote GUIs (up to 21 if I'm not wrong)
at the same time. You can also set it to allow a user to remotely
connect more terminals at the same time, so you don't risk to kick out
the legitimate user once you login.


Regards,


Paolo.




One2 () onetwo com wrote:

Hey All,

After compromising Windows workstations I am able to gain a remote GUI via either Terminal Services, VNC, GetScreen, 
etc.

However, this remote access gives me access to the user's GUI, which limits me to using the GUI when they seem to 
have left for lunch. ;o)

Does anyone know of any way that I can gain an independant GUI so that I can use and install GUI software to continue 
the attack, without having to worry about whether the user is using their GUI?

All ideas are welcome.

Thanks,
One2



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFE/TmpqAaEpZvj+VMRAg4hAJ9hCpwJuZxEUI4IfC6m6OdgmPhOFgCgnGxR
j/yi+B8VE3K0VxgkeL1SsLs=
=gjxs
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: