

Very remote desktop!

So there I am, working over an RDP connection to some Windows 2003 server, and while everything is running nicely and pleasantly, something starts to go wrong!


It is obvious that something is surely wrong with the server or with my own workstation; you know how it is, Windows is to blame for everything. I am not easily convinced, though, so I decide to take it one step further. I start network tracing and straight away use the display filter tcp.port==3389 (3389 is the RDP tcp port).

With the filter enabled I see the following:


This is where things get strange: I asked for the packets that have source or destination tcp port 3389, and yet I also see icmp frames. Hold on, isn't icmp the well-known Ping.exe (echo request & echo reply)!

And yet it is not always so: the ICMP protocol is divided into types & codes (https://www.iana.org/assignments/icmp-parameters), and the well-known Ping is type 8 (echo request) & type 0 (echo reply).


To get back to the original problem: what actually happened that made RDP stop working?

In the first frame my workstation sends a tcp packet with the SYN flag enabled, which is essentially the first step of the 3-way handshake, and the reply we get is an ICMP Redirect (Redirect for host). Analyzing the contents of an ICMP Redirect, we have the following:

1. Type & code: (5: Redirect) & (1: Redirect for host)

2. Gateway Address: the IP of the gateway that I should use!!!!

3. The original information that I sent, so that it is clear what the ICMP Redirect refers to

What happened in the end? I waited a little while and the problem was resolved as soon as routing was restored. Why did it happen? That I could not answer, because it was certainly due to the network (routing configuration) or to some more general change on routers etc.

To summarize: Redirects tell us that we are not using the correct gateway and should use another one. We certainly do not want to see packets of this kind on the network, because they surely indicate a wrong routing configuration, and most of the time there are delays or even an inability to connect.

Comments

  • Anonymous
    March 08, 2010
    I was just saying, is it possible that Thanasis wouldn't do a net sniff???? Well done, Thanasis, on the thorough approach.