Full Disclosure mailing list archives

Re: vncviewer patched...

From: H D Moore <fdlist () digitaloffense net>
Date: Tue, 16 May 2006 12:30:07 -0500

No need to patch the client at all. The Metasploit Framework module 
proxies the connection and lets you exploit the flaw with any standard 
client. If you have vncviewer in your path (or are running the Windows 
version of the Framework), it also auto-connects :-)

-HD

http://metasploit.com/projects/Framework/exploits.html#realvnc_41_bypass

On Tuesday 16 May 2006 12:22, evilrabbi wrote:

Hello,

In case anyone was having trouble patching the vnc client I've supplied
a patched binary that can be downloaded at
http://www.nopsled.net/code/vncviewer.exe.<http://www.nopsled.net/code/
vncviewer.exe>

-- evilrabbi


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

vncviewer patched... evilrabbi (May 16)
- Re: vncviewer patched... sekure (May 16)
  - Re: vncviewer patched... evilrabbi (May 16)
    - Wireless access points wilder_jeff Wilder (May 16)
    - Re: Wireless access points sbernard (May 16)
    - RE: Wireless access points Waters, Chris (May 23)
- Re: vncviewer patched... H D Moore (May 16)
  - Re: vncviewer patched... evilrabbi (May 16)