Point, Click, Root.
An anonymous reader writes "The Metasploit Project just released version 2.2 of the Metasploit Framework. This release includes a VNC server payload that can be used with almost any of the Windows exploits. The scary thing about this payload is that the VNC server executes as a new thread in the exploited process, without writing any files to the disk drive. Is this the end as we know it for simple remote command shell exploits? A couple articles have already mentioned this project."
The cool thing about the VNC payload is that it works if the machine is not logged in, or if the screen is locked.
How does something start off as a "portable network game" and end up as a f*cking remote GUI root?
Un-news
For all the whining about how this makes it so easy for script kiddies, consider that it also makes it so easy for admins who are not in tune with the latest script kiddy 'sploits. This allows them to quickly test their networks in click-n-drool fashion. This can be a very useful tool.
What a sad day when even taking over someone's machine can be done point-and-click style. Seemed so much more personal when you just had a remote shell.
Those days have been gone for a while, script kiddies routinely point n' click to take over machines. They might have to *gasp* type something in an IRC channel to control their zombies but it's all highly idiot-proof. (Which is good I suppose since most script kiddies seem to be idiots.)
So, what you're saying is that the tool is only useful if it allows you to do something malicious with the machine? I guess we know which side of the computer security fence you're on. ;-)
Trouble making decisions? Just flip for it.
Incidentally, note that this isn't a hole in VNC. It's an attack that installs VNC. VNC doesn't have to be present on the target before the attack.
I would hope that any self-respecting cracker would scoff at using this. So I wonder if it wasn't some self-respecting cracker who came up with this, just to give the script kiddies something to play with. While they keep the admins concerned about VNC hacks, the real crackers can get their work done under the radar, using the good ol' command line.
Or maybe it's time to find my tin-foil hat...
Always go to other people's funerals, otherwise they won't come to yours.
No, it's quite simple.
The easier it is for any 13 year old asshat to exploit these vulnerabilities, the more the value of self-titled "security experts" goes up. Then they can jack small businesses for a 5 grand "consulting fee" to recommend they install a firewall.
They're creating a problem in the hopes they'll be paid to solve it, in short.
Kind of like a windshield salesman going around daring/encouraging neighbourhood kids to throw rocks at passing cars.
I don't need no instructions to know how to rock!!!!