|
|
The Dark Age Blog
Monday, February 26, 2007
Exploits
Funny what your web site's traffic analysis shows up sometimes. There's a fascinating series of notes on the VNC 4.1.1 exploits on the Milw0rm forum. Go take a look at their search function and type in VNC. The videos of Metasploit should help focus your mind on updating your clients. :-)
Tuesday, February 6, 2007
Mailbag
Seaman writes: First of all, thx for your effort !! it is a great tool for me. But, i have a question. is it possible activate the new VNC config. and no need to reboot the pc?
Well thanks for the props. We aim to please :-) With regards to the VNC config, stopping and restarting the service should be enough for the config to go live. I've always done that in the past and it's been enough for me.
There is one small snag. With the older versions of VNC - versions 3.3.3 - the VncHooks.DLL remains 'stuck' in use and you can't delete it until you have rebooted. Luckily, in Version 4 and up it's not an issue.
Alex Chan writes: Hi, with UltraVNC releasing versions on a fairly regular basis i was wondering is it possible to update the UltraVNC server your fastpush utility pushes out to client machines. I noticed that most of the dll files are located in the UltraVNC folder and i could try copying them over and editing your script to account for new dll names. However i am unsure if will work, and was wondering is there a way of updating UltraVNC myself rather than wait for a new version of your fastpush as i only require to push the server out/ delete old servers.
If the UltraVNC files are pretty much the same name format as before, it shouldn't be too much work to update them.
Line 763 reads:
Well thanks for the props. We aim to please :-) With regards to the VNC config, stopping and restarting the service should be enough for the config to go live. I've always done that in the past and it's been enough for me.
There is one small snag. With the older versions of VNC - versions 3.3.3 - the VncHooks.DLL remains 'stuck' in use and you can't delete it until you have rebooted. Luckily, in Version 4 and up it's not an issue.
----------------------------------------------------
Alex Chan writes: Hi, with UltraVNC releasing versions on a fairly regular basis i was wondering is it possible to update the UltraVNC server your fastpush utility pushes out to client machines. I noticed that most of the dll files are located in the UltraVNC folder and i could try copying them over and editing your script to account for new dll names. However i am unsure if will work, and was wondering is there a way of updating UltraVNC myself rather than wait for a new version of your fastpush as i only require to push the server out/ delete old servers.
If the UltraVNC files are pretty much the same name format as before, it shouldn't be too much work to update them.
- Install or unzip the new UltraVNC files to a test machine.
- You'll then want a copy of the new files that have been installed. Copy these to c:\fastpush\NewUltra.
- When you've got them all, rename one of the existing Ultra folder to ultra.old
- Now rename the newultra to the just Ultra
Line 763 reads:
if exist "%currentpath%\%flav%\au*.dll" xcopy......I put that in so that if there is special DLL required for Ultra, then the system will copy it. If you've got some DLLs in the new Ultra install that Fastpush doesn't cope with. You could add:
if exist "%currentpath%\%flav%\newDLL-number1*.dll" xcopy......I hope that helps.
Archives
Subscribe to Posts [Atom]