Metasploit mailing list archives
VNC payload problems
From: hdm at metasploit.com (H D Moore)
Date: Tue, 25 Sep 2007 15:33:42 -0500
I see this once in a while -- usually its caused by one of these two issues: 1) Security software on the target is breaking causing VNC to crash 2) Some other software is killing the exploit process, with VNC in it Common case is using the "psexec" exploit with the VNC payload, the service control manager will kill VNC after a few seconds. One way to track whats going on is to attach a debugger to the target process and see what happens when the connection is closed. -HD On Tuesday 25 September 2007 15:29, Andres Riancho wrote:
?? Neither bind and reverse VNC are working. I think that the problem is with the TCP relay... any ideas on why this ain't working? How can I debug the multistage payload (the .exe on the remote server) ?
Current thread:
- VNC payload problems Andres Riancho (Sep 25)
- VNC payload problems H D Moore (Sep 25)
- VNC payload problems Andres Riancho (Sep 25)
- VNC payload problems Patrick Webster (Sep 25)
- VNC payload problems Andres Riancho (Sep 25)
- VNC payload problems H D Moore (Sep 26)
- VNC payload problems Andres Riancho (Sep 26)
- VNC payload problems Andres Riancho (Sep 25)
- VNC payload problems Andres Riancho (Sep 26)
- VNC payload problems H D Moore (Sep 25)
- <Possible follow-ups>
- VNC payload problems Steven Olson (Sep 26)