[framework] RealVNC exploit issue
H D Moore
hdm at metasploit.com
Fri Jul 28 13:17:18 CDT 2006
The LHOST/LPORT fields should be set the interface and port that the VNC
proxy will bind to. Good values for these are:
LHOST: 0.0.0.0
LPORT: 5900
Once the exploit runs, the module will open the proxy port and try to
connect to it with "vncviewer" if you have it installed (included by
default with the Windows install of the Framework).
-HD
On Friday 28 July 2006 10:50, Mervyn Heng wrote:
> I have Metasploit running on my host OS and a vulnerable Win XP (with
> RealVNC v4.1.1). I used the POC from Blacksecurity and was able to log
> into my virtual machine running the vulnerable version of VNC. I tried
> to do the same with Metasploit but got the attached error page. What
> source IP and port should I be specifying within Metasploit?
More information about the framework
mailing list