Recon 2011

Alisa eSage
Day: Saturday - 2011-07-09
Room: Grand Salon
Start time: 15:00
Duration: 00:30
ID: 117
Event type: Lecture
Track: Main

Hacking Microsoft RDP for Fun and Profit

Post-exploitation the easy way

Microsoft RDP is a powerful feature included in almost every version of Microsoft Windows. It lets users log in remotely while keeping a familiar graphical and sound experience. However, Microsoft has restricted RDP functionality in so many ways that even regular users have to apply third-party patches to enable missing functions (such as concurrent sessions).

Nowadays, many professional cyber attacks in the post-exploitation stage are carried out by hand over a malicious VNC connection rather than by an automated trojan payload. Such attacks are still rare, because a custom implementation of a remote desktop protocol is somewhat resource-intensive and unreliable. But what if the attacker thinks of implementing a malicious remote desktop backdoor on top of the default functionality of Microsoft Windows?

In this presentation we will discuss Microsoft RDP internals and how an attacker might intercept them for malicious profit.