Re: RE: Microsoft RDP Priv. Escalation
('binary' encoding is not supported, stored as-is)
Thor - Did you consider trying this out or did you merely read? Uploading .RDP files for direct access via the web is obviously wrong, but that's beyond the point of this entire insecurity, and you my friend are not comprehending it. The information about the insecurity isn't illegal as I did not use valid information from any .RDP connection file. The cmd.exe thing is simply an example. Other applications that wouldn't normally execute can be executed with this as well. The escalation is the ability to run applications you shouldn't be able to with such an account. It's under the privileges of the user, but the idea is, those privileges don't allow you to execute certain programs. Through that, you can.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
This archive was generated by hypermail 2.1.7
: Sat Apr 12 2008 - 10:58:30 EDT