Home page logo
/

basics logo Security Basics mailing list archives

Re: msf > use auxiliary/scanner/vnc/vnc_login
From: Eric Schultz <fire0088 () gmail com>
Date: Fri, 1 Nov 2013 11:13:28 -0400

ToddAndMargo,

Error messages (or a lack of error messages) can vary depending on the
module used as each module is indivigually programmed. when you have
questions about a particular module, you should check out the online
documentation. The information page for the module you're asking about
is located here:
http://www.offensive-security.com/metasploit-unleashed/Scanner_VNC_Auxiliary_Modules

Notice the third dark-grey text box down from the top. This is a
sample of a typical run of the module (what you can expect to see on
your screen). Notice at the bottom, there is a message that says:

[*] Scanned 11 of 11 hosts (100% complete)
[*] Auxiliary module execution

Do you receive this message? This signifies that the module has
completed. If you do not see that message, your module is encountering
hangups or errors.
If valid credentials are discovered, the module does not make a shell
or establish a VNC connection. You can notice, based on the path for
the module, that the module is considered a "scanner." If valid
credentials are discovered they will appear as a green [+] symbols as
depicted in the grey text box from the link above.

If you want to know more about the metasploit module, feel free to
view the module's source code. On Kali, it can be located here:
/usr/share/metasploit-framework/modules/auxiliary/scanner/vnc

Good Luck.

On Thu, Oct 31, 2013 at 1:47 PM, ToddAndMargo <ToddAndMargo () zoho com> wrote:
On Oct 31, 2013 1:34 PM, "ToddAndMargo" <ToddAndMargo () zoho com

<mailto:ToddAndMargo () zoho com>> wrote:

    Hi All,

    I decided to test Metasploit against an open VNC
    server, following the following directions:

    https://www.rapid7.com/db/__modules/auxiliary/scanner/vnc/__vnc_login
<https://www.rapid7.com/db/modules/auxiliary/scanner/vnc/vnc_login>


    After entering at the msf prompt:
        use auxiliary/scanner/vnc/vnc___login


    I never get my prompt back.

    According to the directions, I should
    be able to enter:
          msf auxiliary(vnc_login) > show actions

    What am I missing?

    Many thanks,
    -T


On 10/31/2013 09:17 AM, Ivan Carlos wrote:

This server is vulnerable against this exploit?

Ivan Carlos
CISO, Consultant
+55 (11) 98112-0666
www.icarlos.net <http://www.icarlos.net>


Hi Ivan,

  I think I understand.  If the vnc server rejects the
exploit, you never get the "msf" prompt back because
it never proceeded far enough with the exploit.

  So, this is good news?  Be nice if you got some
feedback as to trying and not working.

-T



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault