windows

  • What is RDP ( Remote Desktop Protocol) RDP is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software. It will connect you with any computer that is located in others country. We use it for stay anon and safety. In one word you will use someone’s pc for carding instead of your own… so let learn how to enable and use it on our pc. 5 ways to open Remote Desktop Connection in Windows 10: Way 1: Open it in Start Menu. Click the bottom-left Start button to display the menu, expand All apps, open Windows Accessories and tap Remote Desktop Connection. Way 2: Launch it by searching. Type remote in the search box on taskbar, and choose Remote Desktop Connection from the items. Way 3: Turn it on via Run. Press Windows+R to show Run, input mstsc and hit OK. Way 4: Open the app via CMD. Start Command Prompt, type mstsc.exe and press Enter. Way 5: Turn it on via Windows PowerShell. Access Windows PowerShell, input mstsc and click Enter. Once the rdp opens, you will be asked to input the computer ip. it is mostly in this format (13.43.65.189) and it is part of rdp logins info which is bought from vendor. after writing that down, click on connect and wait for the prompt to input the username and password of the rdp logins which you have bought from a seller, and click on ok and yes upon seeing the prompt below. you have successfully logged in your rdp; you can use internet explorer to download browser of your choice. Buy rdps from monovm or anyother private seller.
  • October 28, 2020

    Phishing Windows Credentials

    It is very common in Windows environments when programs are executed to require from the user to enter his domain credentials for authentication like Outlook, authorization of elevation of privileges (User Account Control) or simply when Windows are inactive (Lock Screen). Mimic this behavior of Windows can lead to harvest credentials of Windows users that could be used for lateral movement during red team assessments. This technique can be useful when initial foothold has been achieved on the system and credentials of the user cannot be discovered by alternative methods.  C# Modern red teaming technique require tradecraft to be based in C# language since it allows in-memory execution by various frameworks such as Cobalt Strike, Covenant etc. The FakeLogonScreen is a Windows utility that was developed in C# by Arris Huijgen that will mimic Windows logon screen in an attempt to obtain the password of the current user.  The tool has the ability to show the background that is currently configured in order to reduce the risk of security conscious users to spot this malicious operation.  When the user enter his password on the fake logon screen it will perform a validation against the Active Directory or locally to ensure that the password is correct. The password will be displayed in the console. There is also a secondary binary which is part of the project and stores the credentials to a file (user.db) on local disk. Specifically executing the following will read the file that contains the credentials of the domain user.  1 type C:\Users\pentestlab.PENTESTLAB\AppData\Local\Microsoft\user.db A similar assembly binary called SharpLocker was developed by Matt Pickford that upon execution will show a fake logon screen to the user.  Every single keystroke will be captured on the console until the password of the user is fully uncovered. PowerShell Windows security input prompts are very common since applications in corporate...