Find IP address of logged in user who logged in from remotedesktop!



  •  



  • I assume you're trying to identify the Client IP used to connect to an RDP server, where the RDP server session is then connecting to a web application?

    You would have to run something on the RDP server and then pass that information back 

    Try these power shell scripts:

    When you import the module you should be able to get the client ip address using the code below or something equivalent;

    $id = get-rdsession | where {$_.user -eq $env:USERNAME} | foreach {$_.SessionID}
    $ipAddress = get-rdsessionstatus -sessionid $Id | foreach {$_.ClientAddress} 


  • @Medezark said:

    I assume you're trying to identify the Client IP used to connect to an RDP server, where the RDP server session is then connecting to a web application?

    You would have to run something on the RDP server and then pass that information back 

    Try these power shell scripts:

    When you import the module you should be able to get the client ip address using the code below or something equivalent;

    $id = get-rdsession | where {$_.user -eq $env:USERNAME} | foreach {$_.SessionID}
    $ipAddress = get-rdsessionstatus -sessionid $Id | foreach {$_.ClientAddress} 

    I am trying this on website. Some user are clever to hide behind remote desktop.



    So if you're connected using remote desktop or terminal server session, I want to know what is the real computer you're using.
    My user in New York city is using a terminal server in Las Vegas, but I want to know the ip of his NY computer, not the IP of the terminal server in Las Vegas.




    I hope by giving above example, I have made me clearer than before.



  • @Nagesh said:

    So if you're connected using remote desktop or terminal server session, I want to know what is the real computer you're using. My user in New York city is using a terminal server in Las Vegas, but I want to know the ip of his NY computer, not the IP of the terminal server in Las Vegas.

    If what they are using is set up properly you can't.  In theory you might be able to infect the machine visting your website with malware that then tells if someone is connected to it remotely and then report back.



  • @locallunatic said:

    @Nagesh said:

    So if you're connected using remote desktop or terminal server session, I want to know what is the real computer you're using. My user in New York city is using a terminal server in Las Vegas, but I want to know the ip of his NY computer, not the IP of the terminal server in Las Vegas.

    If what they are using is set up properly you can't.  In theory you might be able to infect the machine visting your website with malware that then tells if someone is connected to it remotely and then report back.

    Only by having the remote desktop report it's client's IP address back to the web application will you be able to determine this.  And if you don't have access to the RDP server you are out of luck.



  • @Medezark said:

    @locallunatic said:

    @Nagesh said:

    So if you're connected using remote desktop or terminal server session, I want to know what is the real computer you're using. My user in New York city is using a terminal server in Las Vegas, but I want to know the ip of his NY computer, not the IP of the terminal server in Las Vegas.

    If what they are using is set up properly you can't.  In theory you might be able to infect the machine visting your website with malware that then tells if someone is connected to it remotely and then report back.

    Only by having the remote desktop report it's client's IP address back to the web application will you be able to determine this.  And if you don't have access to the RDP server you are out of luck.

    Can you show how remote desktop can report the client's IP to the web app? I want to talk to the infrastrcutre team over there in Los Vegas



  • @Nagesh said:

    @Medezark said:

    @locallunatic said:

    @Nagesh said:

    So if you're connected using remote desktop or terminal server session, I want to know what is the real computer you're using. My user in New York city is using a terminal server in Las Vegas, but I want to know the ip of his NY computer, not the IP of the terminal server in Las Vegas.

    If what they are using is set up properly you can't.  In theory you might be able to infect the machine visting your website with malware that then tells if someone is connected to it remotely and then report back.

    Only by having the remote desktop report it's client's IP address back to the web application will you be able to determine this.  And if you don't have access to the RDP server you are out of luck.

    Can you show how remote desktop can report the client's IP to the web app? I want to talk to the infrastrcutre team over there in Los Vegas

    See my previous post

Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.