Metasploit mailing list archives
Re-2: vnv injection
From: jvarlet at aressi.fr (jvarlet at aressi.fr)
Date: Tue, 25 Oct 2005 12:37:45 +0000
after dll injection, and VNC proxy listening on port 5900 when i run netstat i have nothing. When i run vnc viewer on 127.0.0.1, then i can see it when i run netstat, but i have nothing on screen. If i use UltraVNC as viewer, i have the message : Negotiate Protocole Version but anything else... -------- Original Message -------- Subject: Re: [framework] vnv injection (21-oct.-2005 17:01) From: mmiller at hick.org To: jvarlet at aressi.fr
On Fri, Oct 21, 2005 at 02:16:57PM +0000, jvarlet at aressi.fr wrote:Hi, I am trying to make vnc injection : with exploit iis50_webdav_ntdll, bind and reverse vnc injection on a 2000 server sp0 I have no problem with reverse shell. With VNC I have the following messages : dll is uploaded to memory VNC proxy listening on port 5900 So I tried to connect with VNCViewer (ultravnc and realvnc)on LHOST, RHOST, and 127.0.0.1 on port 5900. But I have nothing. I tried with AUTOVNC=1 and 0. The metasploit shell is opened on RHOST screen. I read documentation but i did not find anything about that. Maybe this exploit does not work with vnc injection ?If you get to the point that the courtesy shell is displayed and the VNC local proxy is listening, it is probably safe to say that the payload worked. The local proxy should be able to be communicated with on 127.0.0.1::5900 (the double colon is important depending on the vnc viewer you are using). You don't even have to specify the port since 5900 is the default. If vncviewer is in your path then AUTOVNC=1 should work fine. When you run netstat, do you see anything listening on port 5900? You should get an error message if it had failed to bind. Hope that helps.
To: mmiller at hick.org Cc: framework at metasploit.com
Current thread:
- Re-2: vnv injection jvarlet at aressi.fr (Oct 25)