Microsoft Dev Tunnels for C2, Persistance and RDP Redirection

No video

Microsoft Dev Tunnels for C2, Persistance and RDP Redirection

Рет қаралды 1,749

Күн бұрын

In this video, we dive into how to use Dev Tunnels for Remote Desktop Protocol (RDP) Redirection over the Internet. Dev Tunnels can be used to redirect any local port to another host over the internet. Much like SSH tunneling this process can use a simple executable to redirect remote access through a firewall.
In a typical environment every host is allowed to reach Microsoft websites, TLS is always open to the internet, and EDR won't touch signed Microsoft executables. This means you can use this to bypass network restrictions nearly everywhere.
Microsoft Dev Tunnel
learn.microsof...

Пікірлер: 11

@dgoncalo 11 ай бұрын

Love it! Great content as usual! This is mind blowing 😅

@user-ds7io2dm3b 6 ай бұрын

Man great trick ❤️

@nickpanda4484 Ай бұрын

great thanks!

@detective5253 11 ай бұрын

Woww great tradecraft technique! I'm getting addicted to this channel ngl. Keep us updated man we need you to post constanstly.

@CyberAttackDefense 10 ай бұрын

Thanks! Tell your friends!

@detective5253 10 ай бұрын

@@CyberAttackDefense of course i've done that. been sharing your videos since the day 1 i joined the gang

@ronen1n91 11 ай бұрын

You have unique KZbin videos keep up with it

@CyberAttackDefense 11 ай бұрын

Thanks for watching!

@ryanbarger1312 10 ай бұрын

Awesome sir. I may have missed the warning in the video... But "Allowing anonymous access to a dev tunnel means anyone on the internet is able to connect to your local server, if they can guess the dev tunnel ID." So - the demonstrated "--allow-anonymous" arg will expose targeted infrastructure to the internet. Correct? Thanks again. Great content.

@CyberAttackDefense 10 ай бұрын

Correct but given the use case of using this for a red team/pen test it makes it easier to use. You can certainly use this without -allow anonymous. Determine risk according to your scope.

@ryanbarger1312 10 ай бұрын

@@CyberAttackDefense Again. Love the videos. The "--access-token" arg gives you the same ease of use functionality amid a red team. But it also prevents connection by anonymous parties. You can also confine permissions for that token to "only hosting"; as opposed to connecting. Great reliable persistence method! Excellent video. Thanks for the great work.