A short script to automate the process of RDP session hijacking. When run without any parameters it will enumerate all existing RDP sessions and prompt for a session to be taken over. This script requires local admin to run.
- Easy enumeration of sessions
- Automatic configuration of RDP shadowing
- Fast and easy lateral movement and privelege escalation
Perhaps you've owned a users who is a local administrator of a server. Another user who is a domain admin has a session on that server. With this you can quickly and easily begin viewing and/or interacting with their RDP session.