![]() Microsoft Discontinues Remote Desktop Connection Manager (RDCMan) Microsoft discontinues RDCMan app following security bug You can download version 2.8 of the Remote Desktop Connection Manager (RDCMan) from Microsoft. Version 2.8 of Remote Desktop Connection Manager (RDCMan) is released as part of the SysInternals suite. Their way of thinking was that by uninstalling RDCMan, an attacker could no longer trick them into use RDCMan using files with the *.rdg extension. On March 12, 2020, Microsoft didn’t recommended uninstalling Remote Desktop Connection Manager (RDCMan), but many admins removed it from their management boxes and resorted to alternatives like mRemoteNG, RD Tabs, RDM and even purely paid solutions like RoyalTS. To exploit the vulnerability, an attacker could create an RDG file containing specially crafted XML content and convince an authenticated user to open the file. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. The version we used back then (version 2.7) dated back to 2014.Īn information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. It was available as a free download until March 2020 when a critical vulnerability ( CVE-2020-0765) was found in the program. RDCMan used to be a popular tool to collect, categorize and use multiple remote desktop connections in Microsoft-oriented networks. This version, released as part of the SysInternals suite, solves a critical vulnerability and allows admins in Microsoft-oriented networks to enjoy remote desktop connections again (relatively) safely. # file or spreadsheet, or a separate JSON / XML file.Microsoft released a new version of Remote Desktop Connection Manager (RDCMan) this week. # more work you could acquire this information from Active Directory, a stored CSV # based on what PDQ Inventory Collection I care about at the moment, but with a little # For instance, I query the relevant workstations out of the PDQ Inventory database # In a real scenario, you can obtain this information from whatever source you desire # Mock a couple of computer objects using a hash $credentialHash = Read-Host "What is the password for $($env:username)?" -AsSecureString $credentialHash = Read-Host "What is the password for ExampleUser1?" -AsSecureString # Collect the SecureString password from the user: ![]() # Launch RDCMan.exe using our temporary RDG file # This is our RDG file for launching RDCMan, although it is not required that it be provided a. # Create a temporary file to hold the XML $fileElement.RemoveChild($groupTemplateElement) # Remove the Group template object, as it is just a blank stub at this point. # Add (via AppendChild method) a single Server object to a Group objectįunction Add-ServerToGroup($group, $serverName) # Create an RDG (XML formatted) file for RDCMan to import so that all workstations are in relevant groups. $ExampleGroup = Get-Group $fileElement 'ExampleUser1-group' 'exampleUser1' (Secure-Password $RDCMan ((New-Object PSCredential "user",$credentialHash).GetNetworkCredential().password)) ‘ExampleDomain’ $adminGroup = Get-Group $fileElement 'Admin-group' $env:USERNAME (Secure-Password $RDCMan ((New-Object PSCredential "user",$credentialHash).GetNetworkCredential().password)) $env:USERDOMAIN # Name your root element in the RDCMan connection window. ![]() # Root XML element that objects will append to # Be aware that you may need to update the path based on where you store the file # Store the XML template into a variable for more sensible parsing / operating $RDCMan = "E:\Remote Desktop Connection Manager\RDCMan.exe" # Store the location of the Remote Desktop Connection Manager file
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |