Metasploit mailing list archives
RealVNC exploit issue
From: hdm at metasploit.com (H D Moore)
Date: Fri, 28 Jul 2006 13:17:18 -0500
The LHOST/LPORT fields should be set the interface and port that the VNC proxy will bind to. Good values for these are: LHOST: 0.0.0.0 LPORT: 5900 Once the exploit runs, the module will open the proxy port and try to connect to it with "vncviewer" if you have it installed (included by default with the Windows install of the Framework). -HD On Friday 28 July 2006 10:50, Mervyn Heng wrote:
I have Metasploit running on my host OS and a vulnerable Win XP (with RealVNC v4.1.1). I used the POC from Blacksecurity and was able to log into my virtual machine running the vulnerable version of VNC. I tried to do the same with Metasploit but got the attached error page. What source IP and port should I be specifying within Metasploit?
Current thread:
- RealVNC exploit issue Mervyn Heng (Jul 28)
- RealVNC exploit issue H D Moore (Jul 28)
- RealVNC exploit issue Mervyn Heng (Jul 29)
- RealVNC exploit issue Dane Krapchev (Jul 30)
- RealVNC exploit issue Mervyn Heng (Jul 29)
- RealVNC exploit issue H D Moore (Jul 28)