Very remote desktop!
So there I was, working over an RDP connection to a Windows 2003 server, and while everything was running nicely and pleasantly, something started going wrong!
It is obvious that something is surely at fault on the server or on my own workstation; you know how it is, Windows gets the blame for everything. I am not easily convinced, though, and decide to take it one step further. I start a network trace and straight away apply the display filter tcp.port==3389 (3389 is the RDP tcp port).
With the filter enabled I see the following:
This is where the strange things begin: I asked for the packets that have source or destination tcp port 3389, yet I also see icmp frames. Hold on, isn't icmp the familiar Ping.exe (echo request & echo reply)!
But it is not always so: the ICMP protocol is divided into types & codes https://www.iana.org/assignments/icmp-parameters , and the familiar Ping is type 8 (echo request) & type 0 (echo reply).
To return to the original problem: what happened in the end that made RDP stop working?
In the first frame my workstation sends a tcp packet with the SYN flag enabled, which is essentially the first step of the 3-way handshake, and the reply we get is an ICMP Redirect (Redirect for host). Breaking down the contents of an ICMP Redirect, we have the following:
1. Type & code, (5: Redirect) & (1: Redirect for host)
2. Gateway Address, the IP of the gateway that I should use!!!!
3. The original information that I sent, so that it is clear what the ICMP Redirect refers to
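
As an added example (not code from the original post), the three fields listed above can be decoded from the raw ICMP bytes with a short Python parser. The function names are illustrative, and the sample message and its addresses (documentation ranges) are constructed.

```python
import ipaddress
import struct
# Added example: names are illustrative, the sample packet is constructed.
REDIRECT_CODES = {0: "Redirect for network", 1: "Redirect for host",
                  2: "Redirect for TOS and network", 3: "Redirect for TOS and host"}

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; 0 over a message with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp_redirect(icmp: bytes) -> dict:
    """Decode an ICMP Redirect (the bytes that follow the outer IPv4 header)."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("too short for an ICMP Redirect")
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type != 5:
        raise ValueError(f"not a Redirect (type {icmp_type})")
    if inet_checksum(icmp) != 0:
        raise ValueError("bad ICMP checksum")
    inner = icmp[8:]                      # 3. the original datagram that triggered it
    ihl = (inner[0] & 0x0F) * 4
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8:
        raise ValueError("malformed embedded IPv4 header")
    info = {
        "code": code, "meaning": REDIRECT_CODES.get(code, "unknown"),   # 1. type & code
        "gateway": str(ipaddress.IPv4Address(icmp[4:8])),               # 2. gateway to use
        "orig_src": str(ipaddress.IPv4Address(inner[12:16])),
        "orig_dst": str(ipaddress.IPv4Address(inner[16:20])),
    }
    if inner[9] == 6:                     # TCP: ports are the first 4 bytes after the IP header
        info["orig_sport"], info["orig_dport"] = struct.unpack("!HH", inner[ihl:ihl + 4])
    return info

def build_sample() -> bytes:
    """Constructed sample: Redirect for host answering a SYN to tcp/3389."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 48, 0x1234, 0x4000, 128, 6, 0,
                     ipaddress.IPv4Address("192.0.2.10").packed,
                     ipaddress.IPv4Address("198.51.100.20").packed)
    tcp8 = struct.pack("!HHI", 49152, 3389, 0x01020304)
    body = struct.pack("!BBH4s", 5, 1, 0, ipaddress.IPv4Address("192.0.2.254").packed) + ip + tcp8
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

if __name__ == "__main__":
    print(parse_icmp_redirect(build_sample()))
```

The embedded TCP ports explain why a capture focused on port 3389 can still surface these ICMP frames: the Redirect carries the header of the RDP packet that triggered it.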
What happened in the end: I waited a little while and the problem was resolved as soon as the routing recovered. Why did it happen? That I could not answer, because it was certainly due to the network (routing configuration) or to some more general change on routers etc.
To sum up, Redirects tell us that we are not using the correct gateway and that we should use another one. We certainly do not want to see packets of this kind on the network, because they certainly indicate a wrong routing configuration, and most of the time there are delays or even an inability to connect.
Comments
- Anonymous
March 08, 2010
I thought as much, is it possible that Thanasis would not do a net sniff???? Well done, Thanasis, for the thorough approach.