Your RDP Clipboard will get you compromised

Security researchers have disclosed a proof of concept that shows how clients can be compromised via RDP. To exploit the clients, the attackers make use of a vulnerability in the RDP clipboard function. The targeted environments are:
  • mstsc.exe – Microsoft’s built-in RDP client.
  • FreeRDP – The most popular and mature open-source RDP client on GitHub.
  • rdesktop – Older open-source RDP client, comes by default in Kali Linux distros.
Check Point shares a fun fact: As “rdesktop” is the built-in client in Kali Linux, a Linux distro used by red teams for penetration testing, we thought of a 3rd (though probably not practical) attack scenario: Blue teams can install organizational honeypots and attack red teams that try to connect to them through the RDP protocol.