Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager
Listen for a connection (Windows x64), Inject a VNC Dll via a reflective loader (Windows x64) (staged)
Rank
- Normal
Authors
- sf < stephen_fewer [at] harmonysecurity.com >
Vulnerability References
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/x64/vncinject/bind_tcp
msf payload(bind_tcp) > generate
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/x64/vncinject/bind_tcp
msf payload(bind_tcp) > generate
Module Options
| AUTOVNC | Automatically launch VNC viewer if present (default: true) |
| EXITFUNC | Exit technique: seh, process, thread, none (default: process) |
| LPORT | The listen port (default: 4444) |
| RHOST | The target address (default: ) |
| VNCHOST | The local host to use for the VNC proxy (default: 127.0.0.1) |
| VNCPORT | The local port to use for the VNC proxy (default: 5900) |
| DisableCourtesyShell | Disables the Metasploit Courtesy shell |
| DisableSessionTracking | Disables the VNC payload from following the active session as users log in an out of the input desktop |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |