VNC inject

[mmiller at hick.org (mmiller at hick.org)]

On Wed, May 04, 2005 at 10:36:01AM +0600, vajira ganepola wrote:
> Dear HD,
>
> With the VNC inject payload when an exploit is sucessfully exploited, we get
> the screen and a shell windows saying Metasploit Courtest Shell.
>
>
> MY Question does this Metasploit Courtesy Shell Apeear on the users computer
> screen also ?

Yes, it does.  All the actions you perform on the desktop are visible to
the user.  While Windows does support having multiple desktops
per-workstation, it does not support having more than one input device
per-workstation.  We have done some research in the past into making it
so VNC inject gets its own detected desktop that isn't visible to the
user, but that's been put on hold for now.

If you are interested in making it so the shell does not appear, the
source is provided and you can recompile it such that it doesn't launch
the command shell :)