Metasploit mailing list archives
TightVNC inject
From: ninjatools at hush.com (ninjatools at hush.com)
Date: Wed, 17 Nov 2004 18:55:30 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If anyone has questions that they don't want to bother the list with (I think questions like these fall into that category), feel free to email just the developers at msfdev [at] metasploit.com We try to keep this list fairly noise-free... Thanks - -spoon On Wed, 17 Nov 2004 18:32:36 -0800 Phyo Arkar Lwin <phyoakl at myanmar.com.mm> wrote:
I had tried.. I think that is the Conflict with display number of my X display, gnome-desktop session's display ? Can that be the problem ? if so , is there any option to specify the display number of vnc ? Thanks a lot for the help m8. I guess just a little more step away to slove my problem. ninjatools at hush.com wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The default proxy port is 5900, which corresponds to display 0,sodoign something like ./vncviewer localhost:0 works great for me. On Tue, 16 Nov 2004 13:14:11 -0800 Phyo Arkar Lwin<phyoakl at myanmar.com.mm> wrote:Thanks Spoon! The VNC problem. All of it was always ok on Win Box .All the results are the same , no error. It upload the vncdll, that was ok ,thenspawn a vncproxy , thats ok too.. Then I wait for the VNCviewer toopenup.... But that was never come up.. And The VNC proxy Quit with -Timeout-No Client Connected ---- etc.I try to connect with other vnc clients , (haven't tried with real vnc tho) Most of them do not support port option to connect. Only display Number option.. xtightvncviewer supports port option.. i try to connect with that . It connects , but no response come.Later the vncproxy quits ... I am new to VNCs on Linux . Can U guys Guide me how u use real VNC? I m using Debian-3.1-Sarge. All the other payloads r ok tho. For the release of msf 2.3 --- Better -In Depth Tutorial and Refrences On exploit development.So we can convert exploit.ccodesto exploit.pm(s) and Contribute for msf. Plus msf shell prompt configuration - with colors on *nix. (just like windows msf)Foreyecandy :D . Oh , one thing . Option to Enable or Disable whether vnc is injected , spawn Metasploit Courtesy DOS Shell or not. Because It alert Target Machine .. Also when it shutdown immidiately , VNC goes down too (i guess) .But it helps a lot when the ExploitedTargetis Log-Offed One. ninjatools at hush.com wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The idea with msfupdate was to make it the most indepedentfromtheframework as we could. This is for obvious reasons, you can destroy your installation of the framework, and stillhopefullyhave no issues updating. Because of this, msfupdate doesn'tusethe framework's socket classes, and thus doesn't support the proxing features. The tarball should be as up to date as msfupdate, or maybe youcanupdate at a different location or use dante to socksifymsfupdate(if there is a socks proxy around). As to your other issues with vnc, I'm not quite sure. Wedevelopprimarily on linux, and vnc seems to work great for us. I'musingthe RealVNC viewer, and I've yet to have any sort of issueswithit.As with the ftp issues everyone is talking about, this is aproblemwith pretty much any windows cmd shellcode I've seen, but I'lllookinto it with some of our newer code and see if we can make any differences. Any requests for 2.3 besides more exploits? :) - -spoon On Tue, 16 Nov 2004 05:31:49 -0800 Phyo Arkar Lwin <phyoakl@myanmar.com.mm> wrote:Hi I m under http-proxy enviorment.. And when i run msfupdate ,itdon't work. Is that support http-proxy ? http-proxy config onmetasploitsocket config work on this update too? are the CVS snap shotTarfile is the same with updated one?-----BEGIN PGP SIGNATURE----- Note: This signature can be verified athttps://www.hushtools.com/verifyVersion: Hush 2.4wkYEARECAAYFAkGaU8AACgkQtCeTLzI39eNODQCfXJOXVy5ysPJENFAxJXCF9xIs3SMAnRdELxhs1F2qXrBdZPSQ3vm3pnIX =LJhB -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail AffiliateProgram:http://www.hushmail.com/about-affiliate?l=427-----BEGIN PGP SIGNATURE----- Note: This signature can be verified athttps://www.hushtools.com/verifyVersion: Hush 2.4wkYEARECAAYFAkGai6wACgkQtCeTLzI39ePOhgCgrbXS51CeI+zUlBVFYjt1gEZkdCI AoLT9Cu72J7bgLpHli+Ih81dn6NVc =YsLC -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail AffiliateProgram:http://www.hushmail.com/about-affiliate?l=427
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkGcDyMACgkQtCeTLzI39eMLcQCfX16hI+RRj5QOs+eG2ZcToUx4HAcA oLMQY0j9F+jcXrDoeHcRV5oIk9aZ =iWHP -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427
Current thread:
- TightVNC Inject Phyo Arkar Lwin (Nov 16)
- TightVNC Inject mmiller at hick.org (Nov 16)
- <Possible follow-ups>
- TightVNC inject Phyo Arkar Lwin (Nov 17)
- TightVNC inject ninjatools at hush.com (Nov 17)
- TightVNC inject Phyo Arkar Lwin (Nov 17)
- TightVNC inject Phyo Arkar Lwin (Nov 18)
- TightVNC inject Ralph Corderoy (Nov 18)