Tuesday, September 28, 2010

Transferring files on isolated remote desktop environments Turbo Talk

The slides for the turbo talk "Transferring files on isolated remote desktop environments" I presented at Ekoparty are up for download here: http://www.ampliasecurity.com/research/transferringfilesonisolatedRDenvironments-ampliasecurity.pdf

The GUI Transfer Toolkit v1.0 can be downloaded here: http://www.ampliasecurity.com/research/gtt_1.0.tgz

And also three videos are available to give you an idea of what the tools do:

Go to: http://www.youtube.com/user/AmpliaSecurity

or, for the individual videos:

"Using GTT to upload files to an isolated Citrix environment"
http://www.youtube.com/watch?v=h65Yz5n1CPw

"Using GTT fastupload to upload files to an isolated Citrix environment"
http://www.youtube.com/watch?v=gLRGuHpvYBI

"Using GTT to download files from an isolated Citrix environment"
http://www.youtube.com/watch?v=asRpCcVhnuI

Thank you!

2 comments:

Zacharias said...

you are uploading code that needs to be compiled to to an exe to run so you are counting the on the compiler to be present on the server you are uploading.

would you be able to use the debug trick if your exe is < 64k. I am guessing the debug.exe is more easily found in a windows server than csc.exe

hernan said...

You don't need to upload code to be compiled. That was just an example.

Csc.exe is present almost everywhere because it is present when the .NET framework is installed (you don't need to install some special development package or anything like that), and the .NET framework is installed pretty much everywhere.
That is also why I included the example of using csc.exe.

Both debug.exe and csc.exe are very likely to be found on servers.

Again, there's no need for them either, you can do everything in ASCII too, for example:

1.Upload a VBS script (ascii) that decodes base64 (very easy, I will include it in the next version of the toolkit or make a quick post with it, but you can find many online anyway)

2.upload any binary, any size, encoded in base64 (ascii)

3.use the VBS script to decode. And you have your binary. whatever size.


Hope this helps.
Thank you!,
Hernan