[ Hacker Night School ] :: Got a foothold on a Windows target? Now enable Remote Desktop.

This entry is part 12 of 17 in the series [ Hacker Night School ]

Want to make your life easier once you’ve gotten a foothold on your Windows target? Enable Remote Desktop. See this article:

https://www.interfacett.com/blogs/how-to-remotely-enable-and-disable-rdp-remote-desktop/

TL;DR:

In cmd.exe:

Reg add\\computername\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server  /v fDenyTSConnections /t REG_DWORD /d /f

In Powershell:

Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0}
Don’t forget to allow RDP through the firewall:
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Enable-NetFirewallRule -DisplayGroup "Remote Desktop"}
Now have fun!
Series Navigation<< [ Hacker Night School ] :: Hacking Practice: the Command Injection ISO[ Hacker Night School ] :: [ Using Git ] >>

Leave a Reply