search

qwqdanchun / DcRat

A simple remote tool in C#.
MIT License
943 stars 332 forks source link

Remote Desktop after Shell Injection #76

Open ZaZaZuul opened 2 years ago

ZaZaZuul commented 2 years ago

You wrote that there was an issue with Remote Screen Plugin turned into Shellcode with donut and injected . . . I was able to to use the plugin and had full funtionality with keyboard and mouse when injected into a process on an another computer on my LAN. I was using the newer version of donut and injected into remote process instead of using the default template.I don't know if any of that is relevent.

I did have a problem like you described when I tried forwarding the app through a socks proxy created with plink to a remote vps. the cursor would always go to the top left of the screen and stay there. keyboard input would not work either. I don't know why forwarding the port would break the plugin but I have tested this numerous times.

I can easily forward HVNC through plink and it works perfect.

BTW the Client does not work at all when using CLRvoyance to turn into shellcode. That seemed interesting to me. I wish I could figure out why. Not super important though lulz.

qwqdanchun commented 2 years ago

i am trying to solve this problem,and will fix it in new version

---Original--- From: @.> Date: Wed, Jan 12, 2022 10:55 AM To: @.>; Cc: @.***>; Subject: [qwqdanchun/DcRat] Injection (Issue #76)

You wrote that there was an issue with Remote Screen Plugin turned into Shellcode with donut and injected . . . I was able to to use the plugin and had full funtionality with keyboard and mouse when injected into a process on an another computer on my LAN. I was using the newer version of donut and injected into remote process instead of using the default template.I don't know if any of that is relevent.

I did have a problem like you described when I tried forwarding the app through a socks proxy created with plink to a remote vps. the cursor would always go to the top left of the screen and stay there. keyboard input would not work either. I don't know why forwarding the port would break the plugin but I have tested this numerous times.

I can easily forward HVNC through plink and it works perfect.

BTW the Client does not work at all when using CLRvoyance to turn into shellcode. That seemed interesting to me. I wish I could figure out why. Not super important though lulz.

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you are subscribed to this thread.Message ID: @.***>