Showing posts with label metasploit. Show all posts

Jan 11, 2011

Metasploit and VNC Password Bruteforcing

You probably missed it but jduck recently snuck in a VNC mixin and vnc_login module to the trunk.
This is awesome because before that I had to use Immunity's VAAseline to do VNC bruteforcing. But now you can just use vnc_login.
So the scenario is you find yourself on the other end of a VNC server.

It's tedious to password guess like this.

Instead, let's use the Metasploit module and throw a dictionary attack against the VNC server.

Looks like the VNC no auth module had been ported and stuck in there too :-)



# ITS © 
# 2009 - 2011

May 23, 2010

Null Session Hacking on Windows


Practical Exploitation - Null Session Enum

A NULL session connection is an unauthenticated connection to a Windows machine. Gaining NULL session access to a Windows system is the number one method for hackers to enumerate information about the machine. From a NULL session, hackers can call APIs and use Remote Procedure Calls to enumerate information. These techniques can, and will, provide information on passwords, groups, services, users and even active processors. NULL session access can even be used to escalate privileges and perform DoS attacks.


Root Shell via Metasploit and MySQL Client on Metasploitable




In this video, redmeat_uk demonstrates how to obtain a root shell from Metasploitable, a VMware machine of vulnerable applications and services. This example demonstrates how to obtain a root shell via Metasploit auxiliary modules and the MySQL client.


Nov 30, 2009

Metasploit AV Evasion Technique





How to modify the meterpreter binary and make it undetectable by an Anti-Virus.



Oct 18, 2009

Metasploit MSSQL Payload Delivery




Module added to MSF for delivering payload through MSSQL.

Oct 3, 2009

Ubuntu Package Backdoor using Metasploit


This is a great demo where he shows how to create a trojan using the xbomb game package. He creates the trojan by bundling a Metasploit reverse TCP stager payload with the game package. When the game is installed and executed, the Metasploit payload executes and connects back to the attacker, giving him a shell on the system. As most installations are done as root, this in most cases will end up becoming a root shell. :) Very creative! This is another example to show that Linux Malware can very easily be written and deployed, contrary to popular belief.


Oct 2, 2009

Pwning using OpenVAS and Metasploit




OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.


Sep 7, 2009

Browser based Exploitation using Metasploit and Ettercap



Web Browsers are slowly becoming a popular and easy attack vector for hackers. Recently, a lot of vulnerabilities were discovered in major browsers such as IE and Firefox. Also, the Flash player, ActiveX controls and PDF files have had a recent history of exploitable vulnerabilities. Exploit frameworks such as Metasploit and the new BeEF (Browser Exploitation Framework) have made the process very simple for hackers.

In this video, Chris Centore demonstrates browser exploitation using Metasploit and Ettercap. The victim is on the same LAN as the attacker, but has its firewall enabled, so attacking service ports on the victim is ruled out. Chris redirects the victim's web traffic to his attack server running Metasploit by using Ettercap to conduct a DNS spoofing attack. Once the victim requests a web page from the attacker's server, it serves the victim the exploit. The victim succumbs and the attacker has complete access to the victim's computer. Chris explains the entire process in a very detailed yet simple to understand way. Great video!


Sep 4, 2009

Ettercap filter html injection using Metasploit meterpreter payload
