Windows Remote Sharing Techniques — SMB and RDS’s Weaknesses and Defence Methods

Xueyi Wang


Supervised by Eirini S Anthi; Moderated by Yulia Cherdantseva

This project was an industry cooperate project with Pentest company led by Philipp Reinecke to provide Aggressor Script about Server Message Block (SMB) lateral movement on Cobalt Strike, which is a software for adversary simulations and red team operations. Due to technical issues, Pentest company failed to provide Cobalt Strike working environment. After the project being taken over by Irene Anthi, the project topic has changed to find common vulnerabilities that existed in real life, demonstrate and analyse their weak points, and finally give users defence methods against weaknesses. Under the Covid-19 pandemic environment, the increasing requirements of remote sharing services have made two Windows Remote Sharing technologies Server Message Block (SMB) and Remote Desktop Service (RDS) more and more important. SMB service has over 1 million active users and RDS has 4 million active users on the Internet all around the world according to Shodan. The active users of two remote sharing services are widely spread all around the world, which makes the vulnerabilities of two services more important at the same time. This report will discuss about Windows remote sharing services SMB and RDS’s using range, common vulnerabilities, service weaknesses, and defence methods from both high level and technical level.

Final Report (04/11/2021) [Zip Archive]

Publication Form