Security Basics mailing list archives
Re: msf > use auxiliary/scanner/vnc/vnc_login
From: Eric Schultz <fire0088 () gmail com>
Date: Fri, 1 Nov 2013 11:13:28 -0400
ToddAndMargo, Error messages (or a lack of error messages) can vary depending on the module used as each module is indivigually programmed. when you have questions about a particular module, you should check out the online documentation. The information page for the module you're asking about is located here: http://www.offensive-security.com/metasploit-unleashed/Scanner_VNC_Auxiliary_Modules Notice the third dark-grey text box down from the top. This is a sample of a typical run of the module (what you can expect to see on your screen). Notice at the bottom, there is a message that says: [*] Scanned 11 of 11 hosts (100% complete) [*] Auxiliary module execution Do you receive this message? This signifies that the module has completed. If you do not see that message, your module is encountering hangups or errors. If valid credentials are discovered, the module does not make a shell or establish a VNC connection. You can notice, based on the path for the module, that the module is considered a "scanner." If valid credentials are discovered they will appear as a green [+] symbols as depicted in the grey text box from the link above. If you want to know more about the metasploit module, feel free to view the module's source code. On Kali, it can be located here: /usr/share/metasploit-framework/modules/auxiliary/scanner/vnc Good Luck. On Thu, Oct 31, 2013 at 1:47 PM, ToddAndMargo <ToddAndMargo () zoho com> wrote:
On Oct 31, 2013 1:34 PM, "ToddAndMargo" <ToddAndMargo () zoho com <mailto:ToddAndMargo () zoho com>> wrote: Hi All, I decided to test Metasploit against an open VNC server, following the following directions: https://www.rapid7.com/db/__modules/auxiliary/scanner/vnc/__vnc_login <https://www.rapid7.com/db/modules/auxiliary/scanner/vnc/vnc_login> After entering at the msf prompt: use auxiliary/scanner/vnc/vnc___login I never get my prompt back. According to the directions, I should be able to enter: msf auxiliary(vnc_login) > show actions What am I missing? Many thanks, -TOn 10/31/2013 09:17 AM, Ivan Carlos wrote:This server is vulnerable against this exploit? Ivan Carlos CISO, Consultant +55 (11) 98112-0666 www.icarlos.net <http://www.icarlos.net>Hi Ivan, I think I understand. If the vnc server rejects the exploit, you never get the "msf" prompt back because it never proceeded far enough with the exploit. So, this is good news? Be nice if you got some feedback as to trying and not working. -T ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 01)
- RE: msf > use auxiliary/scanner/vnc/vnc_login Ben Ten (Nov 01)
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Re: msf > use auxiliary/scanner/vnc/vnc_login Eric Schultz (Nov 01)
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 03)
- Message not available
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 03)
- Message not available
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 03)
- RE: msf > use auxiliary/scanner/vnc/vnc_login Ben Ten (Nov 01)
- <Possible follow-ups>
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- [Solved] Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Re: [Solved] Re: msf > use auxiliary/scanner/vnc/vnc_login jason m (Nov 05)
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Message not available
- Re: msf > use auxiliary/scanner/vnc/vnc_login ToddAndMargo (Nov 04)
- Re: msf > use auxiliary/scanner/vnc/vnc_login Eric Schultz (Nov 05)
- Message not available