3gstudent/List-RDP-Connections-History: Use powershell to list the RDP Connections History of logged-in users or all users

3gstudent/List-RDP-Connections-History: Use powershell to list the RDP Connections History of logged-in users or all users
2018-09-09 20:19:10 Author: github.com(查看原文) 阅读量:272 收藏

Join GitHub today

GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.

PowerShell 100.0%

Fetching latest commit…

Cannot retrieve the latest commit at this time.

Use powershell to list the RDP Connections History of logged-in users or all users

List Logged-in Users' RDP Connections History

Enumerating the registry key values of HKEY_USERS"+$User.SID+"\Software\Microsoft\Terminal Server Client\Servers\

List All Users' RDP Connections History

Realization ideas:

First use "reg load" to load hive.
Then read the RDP Connections History from HKEY_USERS.
Last you need to use "reg unload" to unload hive.

Note:

The script automatically implements the above operation,there is no need for a GUI. :)

More Details:

渗透技巧——获得Windows系统的远程桌面连接历史记录

Press h to open a hovercard with more details.

文章来源: https://github.com/3gstudent/List-RDP-Connections-History
如有侵权请联系:admin#unsafe.sh