Windows Hack – Remote control your home computer from work
There's always that time when you need desperately to get into your home computer from work, be it to get financial or tax information or just to kick off a download of that great movie your buddy just told you about. Most of us bound behind the corporate firewall can't get to much of anything outside of 80 or 443 as far as ports go, besides that a lot of us don't even have rights to install new software on our computers. So we need a hack that doesn't require any installation on our work computer, but will allow most of us to terminal into our home computer.
The hack is to allow a remote desktop connection to your computer over port 443, which is the standard http ssl port, and is typically left open for internet browsing by the sys-admin. The hack should work on most Windows 2000/XP/Vista machines. This hack will not work if you're serving up an SSL website out of your house. Keep in mind this hack requires editing the registry and if you don't know what your doing or modify the wrong key it could severely trash your computer, please perform at your own risk.
Step 1: Make sure Remote Desktop Sharing is enabled on your computer
- Right click My Computer and click Properties, then click on the Remote Tab - alternatively Click Start -> Control Panel -> System -> Advanced System Settings (Vista Only) -> Remote Tab
- Check box to allow remote users to connect
Step 2: Swap RDP Listening Port in Registry from 3389 to 443
- Click Start -> Run -> Type regedit -> Click OK
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control \Terminal Server\Wds\rdpwd\Tds\tcp
- Double Click PortNumber -> Switch the radio to Decimal -> Change the value from 3389 to 443 and click OK
- Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ TerminalServer\WinStations\RDP-Tcp\PortNumber
- Double Click PortNumber -> Switch the radio to Decimal -> Change the value from 3389 to 443 and click OK
- Restart the computer
Step 3: Router - Set up a port forward to pass 443 to your home computer (Linksys router)
This is for a user that has a home network, if you don't have a router you don't need to perform this step.
- Login to your router
- Go to the port forward tab, on a linksys router this is the Applications and Gaming tab
- Map a forward from incoming 443 to 443 on the internal IP address of the box you just modified to listen on port 443
- Go to the Security tab under Firewall and check Filter Multicast, uncheck Block anonymous internet requests
- Click on VPN link under Firewall enable all VPN options for passthrough
Step 4: Your IP Address/Domain
- If you don't know your public IP Address, get it, http://www.ip-adress.com/
- If your IP isn't static, use a Dynamic DNS service and install a client to update your IP, http://www.dyndns.com/services/dns/dyndns/
Step 5: Test it out at work
You should now be able to create a Terminal Services connection across port 443 to your home computer behind the corporate firewall using the remote desktop connection software already installed on most corporate images.
- Click Start -> Programs -> Accessories -> Communications (2000/XP) -> Remote Desktop Connection
- Put in your public IP address or DynDNS address and :443 and click Connect
- You should be able to login with the username and password you use on your computer
April 18th, 2007 - 08:28
Great post for remote access. Hopefully one day these ADSL router boxes will come with VNC server of some sort.
April 18th, 2007 - 15:29
Thanks, I’m happy either way, as long as I can continue to sneak out over port 443.
July 6th, 2008 - 12:04
This is great. I have a DLINK DI-624 and this worked fine for me. Only question I have, is if you want to file share how would send yourself files from your home pc to your work pc over port 443?
July 6th, 2008 - 12:12
I haven’t tried this, but it might be possible to just open the Advanced options on the remote desktop client, choose Local Resources and check to share Disk Drives, this way you’ll have a drive mapping under my computer from the local computer on the remote computer. Give it a try and let me know.
August 19th, 2008 - 11:16
wonderfull idea. thnx
September 4th, 2008 - 20:52
worked great for me! thanks
September 30th, 2008 - 12:28
This is definitely the best explanation of how to go about bypassing a company firewall to access your home computer. Very smart
October 1st, 2008 - 12:20
This is not working for me. I can use Remote Desktop locally on port 443 (from another computer on my home network, using the local computer name), after the change to the registry.
But I got set up with DynDns, did the port forwarding, and I always get “The computer can’t connect to the remote computer”.
I don’t know what to try next.
October 1st, 2008 - 13:13
Never tried it with DynDns, not sure what to tell you.
November 20th, 2008 - 09:56
Dan,
Are you still having this problem? I am experiencing this issue as well, and I am trying to resolve.
My approach is slightly different. I map external port 443 to internal port 3389.
Please advise if you found a solution.
I was using TS Gateway earlier
November 21st, 2008 - 22:40
Unless you have World wild web service installed, you won’t be able to make connection from out side your LAN.
Control panel/
Add remove program/
(side bar)Add remove windows component (IIS)/
(select NOT check)[ ]Intenet information services/
Click [detail]
select [X] World wild web service 2.3MB
December 30th, 2008 - 20:30
you can do this also via internet, by creating accoung in dyndns.org
March 4th, 2009 - 22:09
Is if possible that a company will find out that you are doing this by analyzing their network? Or is it that since traffic is flowing through an expected port 443, they just think its http traffic
April 29th, 2009 - 16:58
My answer is to bla bla hence port 443 would be considered encrypited and/or secure most corprate wont even monitor his port because its not viewable as http traffic would be. http = unsecure
June 8th, 2009 - 22:17
will this work even if the ISP is not giving the dns service? I called them before because I tried to setup dyndns with the account from dyndns.com but it didn’t work. When I called my ISP and asked them regarding this, they told me they don’t provide dns service anymore these days. Will this still work for me? thanks!
June 9th, 2009 - 07:55
@neo If you can’t get to the machine, you can’t remote into it, you either need a static IP or dyndns or something you can connect with, btw the ISP is probably not being straight with you. You should be able to set up DynDns on your machine to automatically update the IP so that you can remote in.
June 26th, 2009 - 15:38
try logmein.com works like a charm with any pc.
October 19th, 2009 - 14:45
Hi… Can i fully access the remote system from my computer… Is it is similar for vista os too… how can i copy file from the system..
October 19th, 2009 - 15:00
Hi… I tried it in my system… Its not working… Its not getting connected… what do i do…
October 19th, 2009 - 15:18
@Dragon,
This specific hack is for getting around a firewall by using rdp over port 443 instead of 3389. Other than that I’d make sure you can connect to your system from a system you know doesn’t have a firewall between you and the system your connecting to, if that works then try it from the systems behind the firewall.
December 4th, 2009 - 10:55
Thanks! I actually used this at my house to get a file off my school account. Now I can finish my essay!
April 13th, 2010 - 11:15
Hi there WebGuy, Just a quick question, does this work for Windows 7?
Thanks in advance!
Sam
December 29th, 2010 - 22:31
i am in the military, and I go underway pretty often. I would like to be able to access my wife’s laptop while she is on it, bring up a notepad window and we be able to real time chat. Is this a possibility or am i reaching? It just seems like it would be beneficial to be able to talk that way instead of waiting from strings of emails to pass through and bottleneck through the server. any ideas, let me know
October 31st, 2011 - 06:01
its a very good article
November 14th, 2011 - 10:53
You don’t need to hack the registry, just port forward 443 to 3389 in your router. No need to overcomplicate matters.
November 14th, 2011 - 11:05
@Josh. Good point. Thanks
December 14th, 2011 - 13:16
Not all routers allow this.
January 1st, 2012 - 10:57
It’s a lot easier to use ControlByMail from http://www.vic2pc.com to remotely access your files and control your PC, because it does it via email only, which is also safer at work because you can’t get into trouble for trying to hack or bypass the company firewall.
February 20th, 2012 - 03:57
In my college giving the separate use id and we are login in that pc..and all the computers are connected to a server..so i knw the ip of all the pc which are connected to the server..but when i connected the pc through the ip that time ask te password..so how to crack that password??plz help me..
February 23rd, 2012 - 04:34
This works for me almost from everywhere but not from work, in my work is port 443 locked or blocked somehow through proxy, when i use IP out of proxy it works, but i can’t use this IP it always.
Can i try some other ports? like port 80?