Get VNC session using Metasploit

On this post, I’m going to guide you how to get VNS session using Metasploit.

Virtual Network Computing

In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network.

VNC is platform-independent – there are clients and servers for many GUI-based operating systems and for Java. Multiple clients may connect to a VNC server at the same time. Popular uses for this technology include remote technical support and accessing files on one’s work computer from one’s home computer, or vice versa.

VNC was originally developed at the Olivetti & Oracle Research Lab in Cambridge, United Kingdom. The original VNC source code and many modern derivatives are open source under the GNU General Public License. _Wikipedia

Why do you need to get VNC session?

You can monitor the actions on the victim’s monitor, make screenshots in time, collect interesting information, turn on the keylogger, extract passwords from accounts of interest to us, and so on.

How to get VNC session

  1. Get meterpreter session using Metasploit, I recommend you to view Exploitation video playlists on my Youtube channel.
  2. Use metasploit module to privilege escalations.
  3. Use bgrun vnc command
  4. Enjoys!

Demo

https://www.youtube.com/watch?v=SX-VOxz91xw