![]() After which the changes should show up in the main window of dnSpy. NET which makes it rather easy to make this modification with a tool like dnSpy Open the treeview to RDCMan\RDCMan.exe\RdcMan\RdgFile\OpenFile(string) : FileGroup Right click the OpenFile(string) method and choose Edit Method (C#) from the popup menu The original unmodified codeĪnd make the following changes Add XmlResolver = null to new XmlDocument and new XmlTextReaderĪfter adding the two XmlResolvers hit the Compile button. NET applications this can be achieved by setting the XmlResolver on the XmlDocument type to null. That being said If you want to use RDCMan but can’t because of the vulnerability then you still have the option to fix the issue yourself. RDG configuration file this sort of attack is pointless as someone who can modify that file already has access to the filesystem. RDG file that was modified by an attacker which could then expose data via an XML external entity attack. The security vulnerabilty in RDCMan isn’t all that bad actually. ![]() If you like having multiple connections with group based inheritance (as RDCMan does), you’re out of luck with those alternatives. At the same time Microsoft removed the download from their site pushing people towards the use of MSTSC or Universal Remote Desktop client. ![]() On maa security vulnerability was published for Remote Desktop Connection Manager (RDCMan). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |