Slashdot Mirror


Point, Click, Root.

An anonymous reader writes "The Metasploit Project just released version 2.2 of the Metasploit Framework. This release includes a VNC server payload that can be used with almost any of the Windows exploits. The scary thing about this payload is that the VNC server executes as a new thread in the exploited process; without writing any files to the disk drive. Is this the end as we know it for simple remote command shell exploits? A couple articles have already mentioned this project."

5 of 216 comments (clear)

  1. Re:Why? by garcia · · Score: 4, Insightful

    exactly. VNC, while great if you are really interested in controlling a PC remotely, isn't all that useful for trojans/worms.

    You're much better off with a powerful spam relay or self-replicating worm than control over a user's PC, nevermind access via a remote shell like some of the recent worms have allowed.

    Other than fucking with the heads of the users you have infected I don't really see the point. You'd have to be using their machine when they aren't around, you'd have to be doing this in person over VNC which could be very very slow depending on upstream, and it just wouldn't be as useful as a shell which *could* be scripted to automate your desired effect.

  2. Re:Why? by Trolling4Dollars · · Score: 5, Insightful

    Or... you could connect in view-only mode and watch them type in sensitive data. Maybe install a key logger when they aren't around. Dig through their personal file stash and find nudies of their husband or wife and upload them to yafro.com. There's a whole lot of personal nastiness and ID theft that could result from this. Which leads me to lesson #1. NEVER put your PC directly on the internet. If you do, you deserve whatever happens to you.

  3. Nasty. by genixia · · Score: 5, Insightful

    Ugh. This is going to be really popular with the script kiddies. I have to (grudgingly) admit that this is quite elegant though.

    I wonder if running your own (password-protected) vncserver will be any protection against this. I guess it depends on whether the payloaded vncserver can have its port changed or whether it is stuck with the default.

    If it can be changed then this is going to be very nasty. You couldn't even simply firewall all the vnc ports any more as the kiddie could configure the server to run on an unprivileged port. I suppose that SYN flag checking or using a connection-stateful firewall should protect against this.

    Yuck.

  4. The real objective, as usual, is... by James+Turpin · · Score: 5, Insightful

    ... to make security experts more valuable by making security vulnerablities easier to exploit.

    --
    Mathematics is not a crime.
  5. Tough. Security testing should be this easy. by Wakko+Warner · · Score: 4, Insightful

    I am not against full disclosure or the dissemation of security tools I just happen to think that for every one security pro who uses this tool for good there will be a hundred script kiddies who use it for causing havoc.

    There are already plenty of tools out there for that, with more being created every day. I for one am fed up with people who complain every single time something like this, which makes my life easier since I don't have to do any actual work to test out the machines on my network, is introduced.

    Isn't it better to discover, identify, and eliminate the weaknesses in one's network rather than wait for someone less trustworthy to discover, identify, and exploit them without your permission? Isn't that what software like this can help us accomplish?

    There's no stopping software like this. More and better software is being created all the time, and some of it can indeed be used by bad people to do bad things. Rather than complain and fret about the potential evil uses to which it can be put, the sensible person would welcome it as yet another useful tool in their security arsenal.

    Did you also whine about "nmap"?

    - A.P.

    --
    "Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"