Friday, December 14, 2007

Copy Paste between remote desktop and local computer

To allow copy and paste across a Remote Desktop session, ensure that the following services are running on both the local computer and the remote system:
1. Network DDE DSDM
2. Network DDE
3. ClipBook

Network Dynamic Data Exchange (DDE) is a technology that enables applications on different Windows computers to dynamically share data. This sharing takes place over communication channels called trusted shares, which are managed by a service called the Network DDE Agent. By design, processes on the local machine can send requests to the Network DDE Agent, including requests that indicate which application should be run in conjunction with a particular trusted share. The DSDM (Distributed Share Database Manager) manages the shared DDE (Dynamic Data Exchange) network conversations (from shares such as \\computername\ndde$).

However, a vulnerability exists because the Network DDE Agent runs using the Local System security context and processes all requests using this context, rather than that of the user. This would give an attacker an opportunity to cause the Network DDE Agent to run code of her choice in Local System context, as a means of gaining complete control over the local machine.
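
The following Windows PowerShell function is an added example, not part of the original post: it reports the state, start mode and logon account of the three services listed above on each host, and flags any that are running as Local System, the context the paragraph above describes. The short service names (NetDDEdsdm, NetDDE, ClipSrv) are the Windows XP / Server 2003 names and are not given in the post; the function name and host list are hypothetical, and WMI access to the hosts is assumed.

```powershell
# Added example: audit the three services named in the post on one or more hosts.
# Short names are the Windows XP / Server 2003 service names (assumption: the
# hosts are of that era; later Windows versions do not ship these services).
$NddeServices = @{
    'NetDDEdsdm' = 'Network DDE DSDM'
    'NetDDE'     = 'Network DDE'
    'ClipSrv'    = 'ClipBook'
}

function Get-NddeServiceState {          # hypothetical function name
    param(
        # Hosts to check; defaults to the local computer only.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )
    foreach ($computer in $ComputerName) {
        try {
            # Get-WmiObject is available in Windows PowerShell (not PowerShell 7).
            $found = @(Get-WmiObject -Class Win32_Service -ComputerName $computer -ErrorAction Stop |
                Where-Object { $NddeServices.ContainsKey($_.Name) })
        } catch {
            Write-Warning "$computer : service query failed: $($_.Exception.Message)"
            continue
        }
        foreach ($name in $NddeServices.Keys) {
            $svc = $found | Where-Object { $_.Name -eq $name }
            New-Object PSObject -Property @{
                Computer     = $computer
                Service      = $NddeServices[$name]
                State        = if ($svc) { $svc.State } else { 'NotInstalled' }
                StartMode    = if ($svc) { $svc.StartMode } else { $null }
                Account      = if ($svc) { $svc.StartName } else { $null }
                # True when the service is up and runs in the Local System context.
                RunsAsSystem = [bool]($svc -and $svc.State -eq 'Running' -and
                                      $svc.StartName -eq 'LocalSystem')
            }
        }
    }
}

# Local computer by default; pass -ComputerName to include the remote system.
Get-NddeServiceState |
    Format-Table Computer, Service, State, StartMode, Account, RunsAsSystem -AutoSize
```

A row with State other than Running explains a clipboard that does not work across the session; a row with RunsAsSystem set to True marks a host where the Local System exposure described above applies.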
