VNC payloads

[ninjatools at hush.com (ninjatools at hush.com)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You know, you guys have the source to this stuff... ;)

> From the payload..

  if ($self->GetVar('AUTOVNC')) {
    my $pid = fork();
    if (! $pid) {
        system("vncviewer 127.0.0.1:".$self->GetVar('VNCPORT'));
        exit(0);
    }
  }


so if you don't have a program called vncviewer in your path (which you
probably don't), then it's not going to lauch.

You can always just start up the vnc client manually and connect to localhost:5900
or whatever port you have it proxing on.

On Tue, 05 Oct 2004 02:05:16 -0700 RaMatkal <ramatkal at hotmail.com> wrote:
> mmmm....I have the AUTOVNC variable set to 1 which is supposed to
> laucnh the
> viewer automatically?
>
> > On Tue, Oct 05, 2004 at 10:39:47AM +0200, RaMatkal wrote:
> > > Im having a few probs with VNC payloads.....
> > [snip]
> > > VNC proxy listening on port 5900
> > [snip]
> >
> > I haven't tried out Metasploit yet, so this is just a guess, but
> > have you tried manually starting up a VNC viewer and trying to
> > connect to the compromised machine?  From the output you quoted
> > it looks like everything worked fine.  Maybe you are expected
> to
> > start the viewer manually.
> >
> > --
> > Michael Wood <mwood at icts.uct.ac.za>
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkFitXoACgkQtCeTLzI39eNqjACgvfgNtqW3Hb8CH40Sw6PHJ3V2WCIA
nRsacekgECBoCEccPhXIGFnIf5aD
=jT/k
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427