Pentest Tools

Published on May 27th, 2016 📆 | 8012 Views ⚑


stickyKeysHunter – A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result.

How does it work?

  1. Connects to RDP using rdesktop
  2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors
  3. Sends Windows+u using xdotool to trigger utilman.exe backdoors
  4. Takes screenshot
  5. Kills RDP connection


  1. Linux host running an X server
  2. The following packages: xdotool imagemagick rdesktop bc
    1. Debian/Ubuntu/Kali install: apt-get install xdotool imagemagick rdesktop bc
  3. Screen cannot be locked during this process or all of the screenshots will turn out black

Scan a single host: ./
Scan Multiple hosts: for i in $(cat list.txt); do ./ "${i}"; done
[adsense size='1']

  1. Automatically analyze screenshots with OCR or image processing to identify backdoors.
  2. Speed up/multithread the tool.


Download stickyKeysHunter

Leave a Reply

Your email address will not be published.