A Frida hook that intercepts defined keys within a remote desktop context and sends them to the operating system.
The hook intercepts CTRL + WIN + LEFT / RIGHT to enable virtual desktop switching while using full-screen remote desktop windows configured to send remote keys to the remote computer.
- Python 3.4
- Frida 4.4 or higher
- Windows 10 RTM (or higher, if you can get symbols)
-
Download processor architecture native Python 3.4. (Python 3.5 or higher is not supported.)
-
Add \Python34 and \Python34\Scripts to the PATH environment variable.
-
Open a PowerShell console for the following commands.
-
Install easy_install helper:
(Invoke-WebRequest https://bootstrap.pypa.io/ez_setup.py).Content | python -
- Install Frida
easy_install frida
- Set _NT_SYMBOL_PATH appropriately (more info):
SRV*X:\Path\To\Symbol\Cache*http://msdl.microsoft.com/download/symbols
Alternatively you can download symbols for mstscax.dll (i.e. mstscax.pdb) and place in \System32.
Hook an instance of Remote Desktop Connection via executable name:
frida -l remotedesktop-keyfilter.js mstsc.exe
Hook an instance of Remote Desktop Connection via process ID:
frida -l remotedesktop-keyfilter.js 19231