RDPHijack Archives • Penetration Testing

September 23, 2022

RDPHijack: uses WinStationConnect API to perform local/remote RDP session hijacking

BOF – RDPHijack Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access token / kerberos ticket (e.g., golden ticket) of the session owner,...

Tagged: RDPHijack

RDPHijack: uses WinStationConnect API to perform local/remote RDP session hijacking

Search

Brilliantly

Content & Links