Point, Click, Root.
An anonymous reader writes "The Metasploit Project just released version 2.2 of the Metasploit Framework. This release includes a VNC server payload that can be used with almost any of the Windows exploits. The scary thing about this payload is that the VNC server executes as a new thread in the exploited process; without writing any files to the disk drive. Is this the end as we know it for simple remote command shell exploits? A couple
articles have already mentioned this project."
Or... you could connect in view-only mode and watch them type in sensitive data. Maybe install a key logger when they aren't around. Dig through their personal file stash and find nudies of their husband or wife and upload them to yafro.com. There's a whole lot of personal nastiness and ID theft that could result from this. Which leads me to lesson #1. NEVER put your PC directly on the internet. If you do, you deserve whatever happens to you.
Un-news
Ugh. This is going to be really popular with the script kiddies. I have to (grudgingly) admit that this is quite elegant though.
I wonder if running your own (password-protected) vncserver will be any protection against this. I guess it depends on whether the payloaded vncserver can have its port changed or whether it is stuck with the default.
If it can be changed then this is going to be very nasty. You couldn't even simply firewall all the vnc ports any more as the kiddie could configure the server to run on an unprivileged port. I suppose that SYN flag checking or using a connection-stateful firewall should protect against this.
Yuck.
... to make security experts more valuable by making security vulnerablities easier to exploit.
Mathematics is not a crime.