Metasploit mailing list archives

Metasploit update

From: phyoakl at myanmar.com.mm (Phyo Arkar Lwin)
Date: Wed, 17 Nov 2004 03:44:11 +0630

Thanks Spoon!
  The VNC problem. All of it was always ok on Win Box .All the results 
are the same , no error. It upload the vncdll, that was ok , then spawn 
a vncproxy , thats ok too.. Then I wait for the VNCviewer to open up.... 
But that was never come up.. And The VNC proxy Quit with - Timeout-No 
Client Connected  ---- etc.I try to connect with other vnc  clients ,  
(haven't tried with real vnc tho)  Most of them do not support port 
option to connect. Only display Number option.. xtightvncviewer supports 
port option.. i try to connect with that . It connects , but no response 
come.Later the vncproxy quits ...
  I am new to VNCs on Linux . Can U guys Guide me how u use real VNC?

I m using Debian-3.1-Sarge. All the other payloads r  ok tho.

  For the release of msf 2.3 --- Better  -In Depth Tutorial and 
Refrences On exploit development.So we can convert exploit.c codes to 
exploit.pm(s) and Contribute for msf. Plus msf shell prompt 
configuration - with colors on *nix. (just like windows msf) For 
eyecandy :D .  Oh , one thing . Option to  Enable or Disable whether  
vnc is injected , spawn Metasploit Courtesy DOS Shell or not. Because It 
alert Target Machine .. Also when it shutdown immidiately , VNC goes 
down too (i guess) .But it helps a lot when the Exploited Target is 
Log-Offed One.

ninjatools at hush.com wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The idea with msfupdate was to make it the most indepedent from the
framework as we could.  This is for obvious reasons, you can
destroy your installation of the framework, and still hopefully
have no issues updating.  Because of this, msfupdate doesn't use
the framework's socket classes, and thus doesn't support the
proxing features.

The tarball should be as up to date as msfupdate, or maybe you can
update at a different location or use dante to socksify msfupdate (
if there is a socks proxy around).

As to your other issues with vnc, I'm not quite sure.  We develop
primarily on linux, and vnc seems to work great for us.  I'm using
the RealVNC viewer, and I've yet to have any sort of issues with it.

As with the ftp issues everyone is talking about, this is a problem
with pretty much any windows cmd shellcode I've seen, but I'll look
into it with some of our newer code and see if we can make any
differences.

Any requests for 2.3 besides more exploits? :)

- -spoon

On Tue, 16 Nov 2004 05:31:49 -0800 Phyo Arkar Lwin <phyoakl at myanmar.
com.mm> wrote:

Hi

I m under http-proxy enviorment.. And when i run msfupdate , it
don't
work. Is that support http-proxy ? http-proxy config on metasploit

socket config work on this update too? are the CVS snap shot Tar
file is
the same with updated one?

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkGaU8AACgkQtCeTLzI39eNODQCfXJOXVy5ysPJENFAxJXCF9xIs3SMA
nRdELxhs1F2qXrBdZPSQ3vm3pnIX
=LJhB
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

Current thread:

Metasploit update Phyo Arkar Lwin (Nov 16)
- <Possible follow-ups>
- Metasploit update ninjatools at hush.com (Nov 16)
- Metasploit update Phyo Arkar Lwin (Nov 16)