Penetration Testing mailing list archives
Re: Remote access and automatize user account creation (Windows XP)
From: TAS <p0wnsauc3 () gmail com>
Date: Fri, 7 May 2010 01:13:40 +0530
Hi, Having two simultaneous connection is possible only in Windows server editions. Unfortunately this feature is not integrated in Windows XP. With softwares like VNC or team viewer you can have two people connect to the system, but only one person can use it. There is a workaround to having simultaneous connection like in server editions in Windows XP as well, but it may not get accepted by your client, since it involves using a modified DLL file. Incase if you are still curious google for "concurrent-rdp-connections-hack-xp" (off course without the double quotes) For your second question, there is a way to do this. Take a ISO of Windows OS, do something called as slip streaming. There are tools like nlite that allow you to create or pre configure a lot of options like adding the key, having latest updates pushed, drivers and some softwares pre installed in image. So you also have an option of pre configuring the accounts atleast in nlite. A detailed guide is available at hxxp://unattended.msfn.org/unattended.xp/ for various class of users. Once you have done this correctly, you will do what is called a silent installation of OS. Hope this helps. Cheers TAS! On 5 May 2010 23:23, <sbesson () ymail com> wrote:
Hello everybody, One of my client who has great needs in security, is asking me two questions which I wasn't able to answer to : 1. My client is looking for a remote access software (such as VNC) which could allow 2 simultaneous sessions on Windows XP SP3. Are you aware of any software like this ? Also, which one is the best regarding security ? 2. The support/exploitation IT department has been complaining about having to enter credentials during the installation of an XP image. They are asking my client to automatize the creation of 2 local accounts w/o having to enter any credentials. This means that the credentials used in order to create both account have to be stored somewhere right ? (ie, in a script). What are the best security practice regarding this ? How to automatize the creation of a ressource (user account, etc.) which require authentication w/o having to enter password ? Thanks in advance for your help. Best regards, S. AIBI ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Remote access and automatize user account creation (Windows XP) sbesson (May 06)
- RE: Remote access and automatize user account creation (Windows XP) Paul Griggs (May 06)
- Re: Remote access and automatize user account creation (Windows XP) Shreyas Zare (May 06)
- Re: Remote access and automatize user account creation (Windows XP) TAS (May 06)
- Re: Remote access and automatize user account creation (Windows XP) Susan Bradley (May 06)
- Re: Remote access and automatize user account creation (Windows XP) aryasheel.pradhan (May 07)