Metasploit mailing list archives
vnv injection
From: mmiller at hick.org (mmiller at hick.org)
Date: Fri, 21 Oct 2005 10:00:58 -0500
On Fri, Oct 21, 2005 at 02:16:57PM +0000, jvarlet at aressi.fr wrote:
Hi, I am trying to make vnc injection : with exploit iis50_webdav_ntdll, bind and reverse vnc injection on a 2000 server sp0 I have no problem with reverse shell. With VNC I have the following messages : dll is uploaded to memory VNC proxy listening on port 5900 So I tried to connect with VNCViewer (ultravnc and realvnc)on LHOST, RHOST, and 127.0.0.1 on port 5900. But I have nothing. I tried with AUTOVNC=1 and 0. The metasploit shell is opened on RHOST screen. I read documentation but i did not find anything about that. Maybe this exploit does not work with vnc injection ?
If you get to the point that the courtesy shell is displayed and the VNC local proxy is listening, it is probably safe to say that the payload worked. The local proxy should be able to be communicated with on 127.0.0.1::5900 (the double colon is important depending on the vnc viewer you are using). You don't even have to specify the port since 5900 is the default. If vncviewer is in your path then AUTOVNC=1 should work fine. When you run netstat, do you see anything listening on port 5900? You should get an error message if it had failed to bind. Hope that helps.
Current thread:
- vnv injection jvarlet at aressi.fr (Oct 21)
- vnv injection mmiller at hick.org (Oct 21)