Using the Metasploit as a VNC backdoor

2008.09.07 13:05 | Posted by bar4mi
Recently my colleagues have often asked me for a VNC backdoor.

I made one about two years ago to test client security. It was just a shell which had some useful functions to handle the TightVNC client. It could make the TightVNC client hide, download, and execute stealthily. I was satisfied with it before I met the improved Metasploit (http://www.metasploit.com/).

It was released in July of 2003. I just regarded it as a tool which had some exploits. Around the beginning of this year I studied it with my close seniors (swbae, popeye) and some good people. Its usability was amazing. Its functions had improved exceedingly since I first met it. I'd like to express my heartfelt thanks to H D Moore.

We can make a VNC backdoor using msfpayload, which is included in Metasploit. The virtual environment and procedure look like the picture below.

First we make a VNC binary which, when executed, gives us full control of the victim's PC. We can make it simply using msfpayload.

Next, we have to launch the listener, which waits for the victim's connection, using msfcli. LHOST is the attacker's PC and RHOST is the victim's PC. The Courtesy Shell must be disabled.

In this step, we need to wait for the binary to be executed by the victim. We can use many methods to do it. The success of this step is up to your social engineering or technique. If we succeed, we can see the connection as shown below.

Once we verify the connection, the one remaining thing is to take full control of the victim's PC. We can connect to its VNC server (localhost:5900) using a VNC client.
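
For defenders, the procedure above has a recognizable network shape: the victim's PC opens the connection to the listener, yet the VNC server runs on the victim's side. The detection sketch below is an added example, not code from the original post or from Metasploit. It assumes the payload speaks unencrypted RFB over that connection and that flows are available as ordered (direction, payload) pairs; the function names, flow format and sample flows are constructed for illustration.

```python
import re

# RFB ProtocolVersion message: 12 bytes, e.g. b"RFB 003.008\n". The VNC
# *server* always sends it first; the viewer answers with its own.
RFB_VERSION = re.compile(rb"RFB \d{3}\.\d{3}\n")

def rfb_server_side(segments):
    """Return "initiator" or "responder" for whichever side sent the first
    RFB banner, or None if the flow carries no RFB handshake.

    segments: ordered (direction, payload) pairs; direction is "out" for
    bytes sent by the host that opened the TCP connection, "in" otherwise.
    """
    for direction, payload in segments:
        if RFB_VERSION.match(payload):
            return "initiator" if direction == "out" else "responder"
    return None

def find_reverse_vnc(flows, allowed_viewers=frozenset()):
    """Flag flows where the connecting host is itself the VNC server."""
    hits = []
    for flow in flows:
        if flow["dst"] in allowed_viewers:   # sanctioned listening viewers
            continue
        if rfb_server_side(flow["segments"]) == "initiator":
            hits.append((flow["src"], flow["dst"], flow["dport"]))
    return hits

# Constructed sample flows (not captured traffic; hosts and ports are made up).
SAMPLE_FLOWS = [
    # Ordinary VNC session: workstation connects to a server, server speaks first.
    {"src": "10.0.0.21", "dst": "10.0.0.5", "dport": 5900,
     "segments": [("in", b"RFB 003.008\n"), ("out", b"RFB 003.008\n")]},
    # Desktop connects out, receives opaque data, then announces itself as an RFB server.
    {"src": "10.0.0.34", "dst": "198.51.100.7", "dport": 8443,
     "segments": [("in", b"\x00\x04\x00\x00" + bytes(range(32))),
                  ("out", b"RFB 003.008\n"), ("in", b"RFB 003.008\n")]},
    # Help-desk listening viewer that the site has approved (assumed allowlisted).
    {"src": "10.0.0.40", "dst": "10.0.0.9", "dport": 5500,
     "segments": [("out", b"RFB 003.003\n"), ("in", b"RFB 003.003\n")]},
    # Unrelated web traffic.
    {"src": "10.0.0.34", "dst": "192.0.2.80", "dport": 80,
     "segments": [("out", b"GET / HTTP/1.1\r\n\r\n"), ("in", b"HTTP/1.1 200 OK\r\n\r\n")]},
]

if __name__ == "__main__":
    for hit in find_reverse_vnc(SAMPLE_FLOWS, allowed_viewers={"10.0.0.9"}):
        print("reverse VNC suspected: %s -> %s:%d" % hit)
```

Legitimate "listening viewer" setups produce the same ordering, which is why the sketch takes an allowlist of approved viewer addresses.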


