mez-0 / Decryptrdcmanager

.NET 4.0 Remote Desktop Manager Password Gatherer

Projects that are alternatives of or similar to Decryptrdcmanager

Gtfobins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+10120.34%)
Mutual labels:  post-exploitation
Pyexfil
A Python Package for Data Exfiltration
Stars: ✭ 554 (+838.98%)
Mutual labels:  post-exploitation
Clifx
Declarative framework for building command line interfaces
Stars: ✭ 900 (+1425.42%)
Mutual labels:  net-framework
Wpfdesigner
The WPF Designer from SharpDevelop
Stars: ✭ 479 (+711.86%)
Mutual labels:  net-framework
Servicestack
Thoughtfully architected, obscenely fast, thoroughly enjoyable web services for all
Stars: ✭ 4,976 (+8333.9%)
Mutual labels:  net-framework
Byob
An open-source post-exploitation framework for students, researchers and developers.
Stars: ✭ 6,949 (+11677.97%)
Mutual labels:  post-exploitation
Go Shellcode
Load shellcode into a new process
Stars: ✭ 456 (+672.88%)
Mutual labels:  post-exploitation
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+1581.36%)
Mutual labels:  post-exploitation
Ribbonwinforms
An Office Ribbon Control for .NET WinForms
Stars: ✭ 551 (+833.9%)
Mutual labels:  net-framework
Fsociety
fsociety Hacking Tools Pack – A Penetration Testing Framework
Stars: ✭ 7,224 (+12144.07%)
Mutual labels:  post-exploitation
Instagramapisharp
A complete Private Instagram API for .NET (C#, VB.NET).
Stars: ✭ 486 (+723.73%)
Mutual labels:  net-framework
Blackmamba
C2/post-exploitation framework
Stars: ✭ 544 (+822.03%)
Mutual labels:  post-exploitation
Pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+11318.64%)
Mutual labels:  post-exploitation
Vegile
This tool will set up your backdoor/rootkits. When the backdoor is already set up, it will hide your specific process, unlimited your session in metasploit and transparent. Even when it is killed, it will re-run again. There will always be a process which will run another process, so we can assume that this process is unstoppable like a Ghost in The Shell
Stars: ✭ 478 (+710.17%)
Mutual labels:  post-exploitation
Venom
venom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+1432.2%)
Mutual labels:  post-exploitation
Opengl.net
Modern OpenGL bindings for C#.
Stars: ✭ 473 (+701.69%)
Mutual labels:  net-framework
Bashark
Bash post exploitation toolkit
Stars: ✭ 602 (+920.34%)
Mutual labels:  post-exploitation
Cliwrap
Library for running command line processes
Stars: ✭ 1,057 (+1691.53%)
Mutual labels:  net-framework
Pxenum
A shell script that automatically performs a series of *NIX enumeration tasks.
Stars: ✭ 30 (-49.15%)
Mutual labels:  post-exploitation
Hacker Roadmap
📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+13038.98%)
Mutual labels:  post-exploitation

DecryptRDCManager

DecryptRDCManager is a .NET port of Decrypt-RDCMan.ps1, which was written by Ben Turner and Rich Hicks. The tool decrypts credentials from Remote Desktop Manager by using the functionality in RDCMan.DLL, as done here.

When a .rdg file is identified, the contents will look something like this:

<?xml version="1.0" encoding="utf-8"?>
<RDCMan programVersion="2.7" schemaVersion="3">
  <file>
    <credentialsProfiles>
      <credentialsProfile inherit="None">
        <profileName scope="Local">testprofile</profileName>
        <userName>DEV\testinguser</userName>
        <password>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAlSnFmjEAH0SsyduD82ZosAAAAAACAAAAAAADZgAAwAAAABAAAABimXpySiTYAbe0keAEpZs7AAAAAASAAACgAAAAEAAAACklkBrjv0x63t1+OWBCrCggAAAAvCOw3knvjfpvWFRKJDPI+8ipmOA208hh3EijNOAQG0QUAAAAEX45lKeHqHDty7J9S1/GDw9pcIA=</password>
        <domain>DEV</domain>
      </credentialsProfile>
    </credentialsProfiles>
    <properties>
      <expanded>True</expanded>
      <name>testing</name>
    </properties>
    <server>
      <properties>
        <name>192.168.100.102</name>
      </properties>
      <logonCredentials inherit="None">
        <profileName scope="File">testprofile</profileName>
      </logonCredentials>
    </server>
  </file>
  <connected />
  <favorites />
  <recentlyUsed />
</RDCMan>

Credentials can be stored in either <credentialsProfile> or <logonCredentials>. During testing, it was found that <logonCredentials> would either fail to decrypt or decrypt to 0123456789, whereas <credentialsProfile> was far more reliable.
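
An added example (not part of DecryptRDCManager or its README): a defender-side audit that reports which elements of an .rdg file carry a stored password, covering both locations described above, without decrypting or returning the blob. The sample document, the `audit_rdg` name and the finding fields are constructed for illustration; the 20-byte DPAPI header is the standard Windows constant, not a value taken from this page.

```python
import base64
import xml.etree.ElementTree as ET

# Standard header of a Windows DPAPI blob (version 1 + provider GUID); not from the page.
DPAPI_HEADER = bytes.fromhex("01000000d08c9ddf0115d1118c7a00c04fc297eb")
DUMMY_BLOB = base64.b64encode(DPAPI_HEADER + b"\x00" * 32).decode()

# Constructed sample in the .rdg layout shown above; both passwords are dummies.
SAMPLE_RDG = f"""<RDCMan programVersion="2.7" schemaVersion="3">
  <file>
    <credentialsProfiles>
      <credentialsProfile inherit="None">
        <profileName scope="Local">testprofile</profileName>
        <userName>DEV\\testinguser</userName>
        <password>{DUMMY_BLOB}</password>
      </credentialsProfile>
    </credentialsProfiles>
    <server>
      <properties><name>192.168.100.102</name></properties>
      <logonCredentials inherit="None"><profileName scope="File">testprofile</profileName></logonCredentials>
    </server>
    <server>
      <properties><name>192.168.100.103</name></properties>
      <logonCredentials inherit="None">
        <userName>svc_rdp</userName>
        <password>bm90LWEtYmxvYg==</password>
      </logonCredentials>
    </server>
  </file>
</RDCMan>"""

def audit_rdg(xml_text):
    """List elements that store a password; the blob itself is never returned."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    for tag in ("credentialsProfile", "logonCredentials"):
        for node in root.iter(tag):
            blob = (node.findtext("password") or "").strip()
            if not blob:
                continue  # profile reference or inherited credentials: nothing stored
            try:
                raw = base64.b64decode(blob, validate=True)
            except ValueError:
                raw = b""
            findings.append({"element": tag, "owner": parent[node].findtext("properties/name"),
                             "user": node.findtext("userName"),
                             "dpapi_blob": raw.startswith(DPAPI_HEADER), "blob_bytes": len(raw)})
    return findings
```

Each finding is a place where a password should be cleared from the file and re-entered at connect time; a `dpapi_blob` of `False` marks a value that is not in the expected protected form and deserves a closer look.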

Building

Make sure the RDCMan.DLL reference is added to the solution, and then build it. After building the solution, merge the assemblies with ILMerge.exe:

.\ILMerge.exe /out:c:\DecryptRDCManager.exe .\DecryptRDCManager\DecryptRDCManager\bin\Debug\DecryptRDCManager.exe .\DLLs\AxMSTSCLib.dll .\DLLs\MSTSCLib.dll .\DLLs\RDCMan.dll

Usage

A path to a .rdg can be passed in, or DecryptRDCManager will read the following settings file to determine where any .rdg files are:

"C:\Users\<username>\AppData\Local\Microsoft\Remote Desktop Connection Manager\RDCMan.settings"

Example without path:

[Screenshot: Without path]

Example with path:

[Screenshot: With path]
