Sponsored Links
-->

Sunday, March 18, 2018

Beginner Hacking - Episode 5 - Remote Administration Tools (RATS ...
src: i.ytimg.com

Remote administration refers to any method of controlling a computer from a remote location.

Software that allows remote administration is becoming increasingly common and is often used when it is difficult or impractical to be physically near a system in order to use it. A remote location may refer to a computer in the next room or one on the other side of the world. It may also refer to both legal and illegal (i.e. hacking) remote administration (see Owned and Trojan).


Video Remote administration



Requirements

Internet connection

Any computer with an Internet connection, TCP/IP or on a Local Area Network can be remotely administered.

For non-malicious administration, the user must install or enable server software on the host system in order to be viewed. Then the user/client can access the host system from another computer using the installed software.

Usually, both systems should be connected to the internet, and the IP address of the host/server system must be known. Remote administration is therefore less practical if the host uses a dial-up modem, which is not constantly online and often has a Dynamic IP.

Connecting

When the client connects to the host computer, a window showing the Desktop of the host usually appears. The client may then control the host as if he/she were sitting right in front of it.

Certain versions of Windows XP have a built-in remote administration package called Remote Desktop Connection. A free cross-platform alternative is VNC, which offers similar functionality.


Maps Remote administration



Common tasks for which remote administration is used

Shutdown

  • Shutting down or rebooting another computer over a network

Accessing Peripherals

  • Using a network device, like printer
  • Retrieving streaming data, much like a CCTV system

Modifying

  • Editing another computer's registry settings
  • Modifying system services
  • Installing software on another machine
  • Modifying logical groups

Viewing

  • Remotely assisting others
  • Supervising computer or internet usage
  • Access to a remote system's "Computer Management" snap-in

Hacking

Computers infected with malware such as Trojans sometimes open back doors into computer systems which allows malicious users to hack into and control the computer. Such users may then add, delete, modify or execute files on the computer to their own ends.


Actiontec MI424WR-GEN2-Rev-F Screenshot Remote Administration
src: m.setuprouter.com


Popular software

Windows

Windows Server 2003, 2008, Tablet PC Editions, and Windows Vista Ultimate, Enterprise and Business editions come with Microsoft's Microsoft Management Console, Windows Registry Editor and various command-line utilities that may be used to administrate a remote machine. One form of remote administration is remote desktop software, and Windows includes a Remote Desktop Connection client for this purpose.

Windows XP comes with a built-in remote administration tools called Remote Assistance and Remote Desktop, these are restricted versions of the Windows Server 2003 Terminal Services meant only for helping users and remote administration. With a simple hack/patch (derived from the beta version of Windows XP) it's possible to "unlock" XP to a fully featured Terminal Server.

Windows Server 2003 comes with built-in remote administration tools, including a web application and a simplified version of Terminal Services designed for Remote administration.

Active Directory and other features found in Microsoft's Windows NT Domains allow for remote administration of computers that are members of the domain, including editing the registry and modifying system services and access to the system's "Computer Management" Microsoft Management Console snap-in.

Some third-party remote desktop software programs perform the same job.

FastAdmin is a small utility that gives administrators a quick overview of all Active Directory computer systems and performs tasks like starting a remote command or PowerShell prompt, restart, shutdown, wake-on-lan, initiate a remote desktop session, offer remote help, run files remotely, and more.

Back Orifice, whilst commonly used as a Script Kiddie tool, claims to be a remote-administration and system management tool. Critics have previously stated that the capabilities of the software require a very loose definition of what "administration" entails.

Remote Server Administration Tools for Windows 7 enables IT administrators to manage roles and features that are installed on remote computers that are running Windows Server 2008 R2

Non-Windows

VNC can be used for remote administration of computers, however it is increasingly being used as an equivalent of Terminal Services and Remote Desktop Protocol for multi-user environments.

Linux, UNIX and BSD support remote administration via remote login, typically via SSH (The use of the Telnet protocol has been phased out due to security concerns). X-server connection forwarding, often tunnelled over SSH for security, allows GUI programs to be used remotely. VNC is also available for these operating systems.

Apple Remote Desktop provides Macintosh users with remote administration capabilities.

Scriptlogic's Desktop Authority encompasses remote control as a part of remote management. This solution includes: secure web-based access to client machines, real-time diagnostics and troubleshooting, management of the file system, users/groups, registry, virtual memory, reboots and more - without user interaction, interactive remote monitoring and control of the desktop, supports clients running Windows 98 through XP/2003/Vista.

NX and its Google fork Neatx are free graphical Desktop sharing solutions for the X Window System with Clients for different platforms like Linux, Windows and Mac OS X. There is also an enhanced commercial version of NX Server available.


Remote Administration Tool (undetectable by anti-viruses) - YouTube
src: i.ytimg.com


Wireless Remote Administration

Remote administration software has recently started to appear on wireless devices such as the BlackBerry, Pocket PC, and Palm devices, as well as some mobile phones.

Generally these solutions do not provide the full remote access seen on software such as VNC or Terminal Services, but do allow administrators to perform a variety of tasks, such as rebooting computers, resetting passwords, and viewing system event logs, thus reducing or even eliminating the need for system administrators to carry a laptop or be within reach of the office.


TRENDnet TWG-BRF114 Screenshot Remote Administration
src: m.setuprouter.com


References

Source of article : Wikipedia