A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about user-mode development.
 #26671  by kobip
 Sun Sep 06, 2015 12:44 pm
I'm trying to develop a program in c# which suppose to create new invisible desktop and there spawn mstsc.exe with configuration file in order to connect to remote internet explorer which ive published from windows machine using remoteapp.

when i spawn the mstsc in my original desktop it works fine and it connects to the internet explorer but when i spawn this programatically in the new desktop it spawn the mstsc process but stay stuck on connecting to <machine name> and i cant interact with the remoteapp.

my flow:
1. createdesktop
2. ConvertStringSecurityDescriptorToSecurityDescriptor - low integrity level
3. GetSecurityDescriptorSacl
4. SetSecurityInfo - to the new desktop handle
5. create explorer process on the new desktop
6. setthreaddesktop to the new desktop handle
7. create process "mstsc <conf file>" in the new desktop

what im missing?
why my new desktop doesn't work like my original desktop?
why when im running explorer in my new desktop i dont see the wallpaper and my user desktop? in only see the file explorer

 #26674  by TETYYSs
 Sun Sep 06, 2015 8:03 pm
Well, the only difference I'm seeing is that your hidden desktop is... hidden. Obviously, MS made sure that RDP would run only on active desktops.
 #26679  by kobip
 Mon Sep 07, 2015 1:11 pm
even if i switch to this desktop using SwitchDesktop() the mstsc still stuck. so the problem is not the hidden desktop. i think that im missing something in the preparation of the new desktop but cant figure out what missing.
 #26690  by TETYYSs
 Tue Sep 08, 2015 2:01 pm
kobip wrote:even if i switch to this desktop using SwitchDesktop() the mstsc still stuck
This is after you created it in hidden desktop? what if you create desktop switch to it and launch mstsc?
 #26697  by kobip
 Wed Sep 09, 2015 1:25 pm
tried this still the mstsc dont connect successfully. it show only black screen and the title is "connectig to <pc name>"
 #26705  by Brock
 Thu Sep 10, 2015 8:30 pm
Since you haven't posted your code it is pure guessing on our part. Have you tried filling in STARTUPINFO.lpDesktop when launching mstsc in the new desktop?