locked
Bypass RDS - RemoteApp - Shell Access RRS feed

  • Question

  • Hello Technet Guys, 

    I've created a PoC environment to test the RemoteApp feature of the RDS. Before trying to publish the applications and system of my company, I've decided to do some penetration testing activity. The result is not so good....

    I've published the calc.exe using the RemoteApp, and by using the Help Menu, I could gain access to the machine' shell.


    Have a look:

    01 - https://social.technet.microsoft.com/Forums/getfile/830818

    02 - https://social.technet.microsoft.com/Forums/getfile/830819

    03 - https://social.technet.microsoft.com/Forums/getfile/830820

    04 - https://social.technet.microsoft.com/Forums/getfile/830821

    05 - https://social.technet.microsoft.com/Forums/getfile/830822

    06 - https://social.technet.microsoft.com/Forums/getfile/830823

    PS: I cannot upload the images on the body of this Forum. As my account is new, Microsoft is blocking me.

    I dont want to implement others controls (like AppControl) to have a workaround and solve this problem. The perfect scenario would be to have access only to the Calc.exe and no other application.

    Microsoft has done some kind of job to block this bypass?

    Regards, 

    Leandro Soares


    • Edited by Leandro.Soares Wednesday, March 23, 2016 11:20 PM Add images
    Wednesday, March 23, 2016 11:15 PM

Answers

  • Hi Leandro,

    I am not able to open images you’ve posted.

    What you are seeing is expected.

    RemoteApp enables you to make programs that are accessed remotely through Remote Desktop Services appear as if they are running on the end user's local computer.”

    It is not designed to restrict/manage remote desktop users’ access towards RD Session Host, even “RemoteApp User Assignment is not intended to be a security mechanism; rather it is a discoverability mechanism”.

    The perfect scenario would be to have access only to the Calc.exe and no other application

    We will need to use Applocker to achieve that goal.

    More information for you:

    Overview of RemoteApp

    https://technet.microsoft.com/en-us/library/cc755055.aspx

    Introducing RemoteApp User Assignment                  

    https://blogs.msdn.microsoft.com/rds/2009/06/12/introducing-remoteapp-user-assignment/

    Best Regards,

    Amy


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by TP []MVP Thursday, March 24, 2016 2:27 PM
    • Marked as answer by Amy Wang_ Tuesday, April 5, 2016 7:41 AM
    Thursday, March 24, 2016 10:10 AM