|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] XP Remote Desktop Remote Activation
From: H D Moore (fdlist
digitaloffense.net)
Date: Sun Oct 03 2004 - 00:58:18 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
If the exploit was written as a module for the Metasploit Framework, just
select the VNC in-memory DLL injection payload and call it done. This
payload has the following advantages:
- No files are written to disk, the AV has no chance of catching it
- The VNC server is a thread in the exploited app's process
- The payload works in read-only mode if admin privs aren't obtained
- It will use the WinLogon desktop if locked or nobody is logged in
- A command prompt is provided with the privs of the exploited process
- If the exploit causes the app to exit on crash, no traces are left
http://metasploit.com/images/vnc.jpg
http://metasploit.com/projects/Framework/
-HD
On Friday 01 October 2004 23:50, Fixer wrote:n
> ____________________________________________________________________
> Windows XP Professional provides a service called Remote Desktop,
> which allows a user to remotely control the desktop as if he or she
> were in front of the system locally (ala VNC, pcAnywhere, etc.).
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]