Full Disclosure mailing list archives
Re: XP Remote Desktop Remote Activation
From: Fixer <fixer907 () gmail com>
Date: Sun, 3 Oct 2004 07:39:31 -0700

Funny you should mention that, I was just wondering last night how to use PEX to turn this into a Metasploit payload... :-) One of these days I've got to sit down and start tinkering with it as there's 2 or 3 payloads I want to add to Metasploit (mostly custom backdoors), but I'm lazy and haven't gotten around to it.

Fixer

On Sun, 3 Oct 2004 00:58:18 -0500, H D Moore <fdlist () digitaloffense net> wrote:

If the exploit was written as a module for the Metasploit Framework, just select the VNC in-memory DLL injection payload and call it done. This payload has the following advantages:

- No files are written to disk, the AV has no chance of catching it
- The VNC server is a thread in the exploited app's process
- The payload works in read-only mode if admin privs aren't obtained
- It will use the WinLogon desktop if locked or nobody is logged in
- A command prompt is provided with the privs of the exploited process
- If the exploit causes the app to exit on crash, no traces are left

http://metasploit.com/images/vnc.jpg
http://metasploit.com/projects/Framework/

-HD

On Friday 01 October 2004 23:50, Fixer wrote:

Windows XP Professional provides a service called Remote Desktop, which allows a user to remotely control the desktop as if he or she were in front of the system locally (ala VNC, pcAnywhere, etc.).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- XP Remote Desktop Remote Activation Fixer (Oct 02)
- Re: XP Remote Desktop Remote Activation morning_wood (Oct 02)
- Re: XP Remote Desktop Remote Activation Joel R. Helgeson (Oct 02)
- RE: XP Remote Desktop Remote Activation Dominick Baier (Oct 02)
- Re: XP Remote Desktop Remote Activation Fixer (Oct 02)
- RE: XP Remote Desktop Remote Activation Larry Seltzer (Oct 02)
- Re: XP Remote Desktop Remote Activation H D Moore (Oct 03)
- Re: XP Remote Desktop Remote Activation Fixer (Oct 03)
- <Possible follow-ups>
- RE:XP Remote Desktop Remote Activation RandallM (Oct 02)
- Re: XP Remote Desktop Remote Activation Fixer (Oct 02)
- Re: XP Remote Desktop Remote Activation morning_wood (Oct 02)