cyoung_mi Posted July 14, 2009 Share Posted July 14, 2009 Hi, I was wondering if anyone has found a way to hide a quiet vnc server installation in something small like a movie file or some other type of attachment? I'm wondering if it's possible to email someone a simple attachment ( one that might pass a virus scan ) that once they extract or run it, it shows something "Fun" like a silly movie, or the like but also installs VNC server service quietly and updates something like dyndns.org? I'm guessing either the virus scan would catch VNC install, or windows would popup the internet access to dyndns.org ( vista for sure ). This could be really nasty and I hope there are ways to block this or protect yourself. Thanks! Chris Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 14, 2009 Share Posted July 14, 2009 Unless there is a vulnerability in a particulate system that acts upon other wise non-executable files, then there is no way to use non-executable files to install or run stuff. The majority of file types that do allow code execution (exe, msi, bat, com, dll, lnk) are blocked by most email services. Quote Link to comment Share on other sites More sharing options...
decepticon_eazy_e Posted July 14, 2009 Share Posted July 14, 2009 Unless there is a vulnerability in a particulate system that acts upon other wise non-executable files, then there is no way to use non-executable files to install or run stuff. The majority of file types that do allow code execution (exe, msi, bat, com, dll, lnk) are blocked by most email services. this thread has been done to death, it was only a couple weeks ago, check the history. Quote Link to comment Share on other sites More sharing options...
cyoung_mi Posted July 14, 2009 Author Share Posted July 14, 2009 Sorry for doing something to death.. I did a search for VNC.. I understand most exe and such are blocked, but perhaps if the exe was zipped, it might pass ok. and I wasnt clear I guess.. I didnt mean try and embed VNC into a jpg or avi file.. I meant, hidding VNC server install inside a exe that does something simple, so the user thinks it worked. ( maybe like a keygen program or something simple ) Basicly I am asking if there a way for someone to sneak a VNC server install on your machine without you knowing. and if so, how do you protect yourself? ( besides the well known idea of "DONT OPEN ATTACHMENTS!" haha ) Quote Link to comment Share on other sites More sharing options...
lopez1364 Posted July 14, 2009 Share Posted July 14, 2009 This is actually a lot simpler than it seems. First of all attaching VNC to a jpg or avi will set all all kinds of alerts but what you need to do is attach a meterpreter exe to a trusted program or even (dark package it) that you can run a script to send a vnc to the machine. I have tested this scenario and always works like a charm. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.