If a client uses the “Copy & Paste” feature over an RDP connection, a malicious RDP server can transparently drop arbitrary files to arbitrary file locations on the client’s computer, limited only by the permissions of the client. For example, drop malicious scripts to the client’s “Startup” folder, and after a reboot they will be executed on his computer, giving full control.
The research was performed by Checkpoint, and they have published a full step by step article which explains how it is possible to exploit the RDP sessions via clipboards.
Cyberwarzone is the number one cyberwar news provider. We have been publishing cyberwar news since 2010 and we are still running.
The news which has been collected is available for everyone and it will stay like that. All the cyberwar reports, videos, posts and comments are here to inform you about the cyberwar and security field.