How does Shodan grab RDP screenshots of Windows machines, post-Server 2003?

Hi folks,

Something I've been curious about is how Shodan manages to grab screenshots of unauthenticated Console sessions ("RDP Screenshots") on machines newer than Server 2003, and how I can do the same from my machine. On Server 2003 and older, you can use the -console flag with mstsc.exe (e.g. mstsc -v:(Hostname or IP Address) -console) to initiate this console session, and present a logon screen as if you were physically at the device, with no authentication needed.

However, this was removed in Server 2008 for obvious security reasons, and the -console flag is ignored when trying to connect to a Server 2008 or later machine - you are prompted for authentication and, if successful, enter a standard RDP session.

Does anyone know how Shodan does it? Thanks in advance!

submitted by /u/BloodyGenius

from hacking: security in practice https://ift.tt/gGZOv24
