[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] vncviewer patched...

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] vncviewer patched...
From: H D Moore <fdlist@xxxxxxxxxxxxxxxxxx>
Date: Tue, 16 May 2006 12:30:07 -0500

No need to patch the client at all. The Metasploit Framework module 
proxies the connection and lets you exploit the flaw with any standard 
client. If you have vncviewer in your path (or are running the Windows 
version of the Framework), it also auto-connects :-)

-HD

http://metasploit.com/projects/Framework/exploits.html#realvnc_41_bypass

On Tuesday 16 May 2006 12:22, evilrabbi wrote:
> Hello,
>
> In case anyone was having trouble patching the vnc client I've supplied
> a patched binary that can be downloaded at
> http://www.nopsled.net/code/vncviewer.exe.<http://www.nopsled.net/code/
>vncviewer.exe>
>
> -- evilrabbi

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] vncviewer patched...
  - From: evilrabbi

References:
- [Full-disclosure] vncviewer patched...
  - From: evilrabbi

Prev by Date: Re: [Full-disclosure] vncviewer patched...
Next by Date: Re: [Full-disclosure] vncviewer patched...
Previous by thread: RE: [Full-disclosure] Wireless access points
Next by thread: Re: [Full-disclosure] vncviewer patched...
Index(es):
- Date
- Thread