In the Blackhat talk, the research was driven by the fact that North Korean hackers would alledgely carry out attacks through RDP servers acting as proxies. Why search for vulnerabilities in the RDP client? They found a few small bugs, including one I found as well (detailled in the RDPSND section). Even though they also used WinAFL and faced similar challenges, their fuzzing approach is interesting and somewhat differs from the one I will present in this article. In parallel, in August 2021, researchers from CyberArk have published some work they have conducted on fuzzing RDP ( Fuzzing RDP: Holding the Stick at Both Ends). While I was working on this subject, other security researchers have also been looking for vulnerabilities in the RDP client. Finally, I will present some results I achieved, including bugs and vulnerabilities. Then, I will talk about my setup with WinAFL and fuzzing methodology. I will first explain the basics of the Remote Desktop Protocol. This article aims at retracing my journey and giving out many details, hence why it is quite lengthy. The objective was to go even further, by coming up with a general methodology for attacking Virtual Channels in RDP, and fuzz more of Microsoft’s RDP client with WinAFL. We thought they achieved encouraging results that deserved to be prolonged and improved. In particular, they found a bug by fuzzing the Virtual Channels of RDP using WinAFL. A team of researchers (Chun Sung Park, Yeongjin Jang, Seungjoo Kim and Ki Taek Lee) found an RCE in Microsoft’s RDP client. The initial idea was to follow up on a conference talk from Blackhat Europe 2019. Its use around the world is very widespread some people, for instance, use it often for remote work and administration.ĭuring my internship at Thalium, I spent time studying and reverse engineering Microsoft RDP, learning about fuzzing, and looking for vulnerabilities. The Remote Desktop Protocol (RDP) is a proprietary protocol designed by Microsoft which allows the user of an RDP Client software to connect to a remote computer over the network with a graphical interface.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |