Sign in to follow this  
Followers 0
tennessee

tightvnc

8 posts in this topic

Hi all!

Recently me and my friend were playing around with tightvnc

the problem is that the server computer also sees every event, (mousecklick, opening window, etc. on the screen)

My question is: is there a possibility that the server can't see what's happening on the screen? (only the client, who is connected? )

Share this post


Link to post
Share on other sites



Hi all!

Recently me and my friend were playing around with tightvnc

the problem is that the server computer also sees every event, (mousecklick, opening window, etc. on the screen)

My question is: is there a possibility that the server can't see what's happening on the screen? (only the client, who is connected? )

TightVNC is a remote console. Hence your actions are reflected on the local console.

What you want is a 'Terminal Server' service on the server and a TS Client on the remote end. Microsoft charges handsomely for licenses for this (one admin client license is included with their "server" OS's).

:whistle:


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites

TightVNC is a remote console. Hence your actions are reflected on the local console.

What you want is a 'Terminal Server' service on the server and a TS Client on the remote end. Microsoft charges handsomely for licenses for this (one admin client license is included with their "server" OS's).

:whistle:

Thank you for your answer. Basically I'm looking for a rat (remote admin toll) that 1. is not recognized as a virus 2. doesnt't display activity on the "server" side. Is that possible?

Thank you for answers

Share this post


Link to post
Share on other sites

Tennessee, thats not entirely possible, the exception being when a computer is running Microsoft Windows Server 2000 or later (i am not sure if NT server allowed it)

Where you can "terminal" in and login transparent of any user physically sitting at the systems keyboard/screen.

Is there anything in particular you are looking to do?

Specific commands can be carried out remotely in other ways, via remote registry, task execution and file read/write commands.

There is a lot that can be read and manipulated on a system, providing you have administrative rights over it and it is on the same network as you.

Tight VNC (and VNC in general) is designed primarily as a way to interact with the current users desktop, and not as "second login" remote admin tool.

If having a user logged in at the other end is not important, and you just dont want people on the other end seeing what you are doing, then simply enable Remote Desktop services on windows XP (Pro it is there not sure about home)

Right click my computer > Properties > Remote > Allow remote desktop connections

You can then connect to a remote computer via the Microsoft Terminal Services Client:

Start > Run > mstsc > ok

Simply type the machine name or IP and you are away, the remote system will lock, and the currently active user will be kicked ! so be wary how you use it.

Share this post


Link to post
Share on other sites

Maybe UltraVNC can help? It is pretty much TightVNC with a bunch of extra features - including one that lets you blank the server screen and ignore inputs.

From my experience it is at least as fast as Tight VNC too :whistle:

Share this post


Link to post
Share on other sites

No VNC protocols will allow you to issue commands without the user knowing. I think what you want is a trojan like backorifice or netbus which are caught by the virus scanner for a reason.

If you just want to monitor what the user is doing, ultravnc can be hidden almost completely. If you are looking to execute programs without being seen use PsTools http://www.microsoft.com/technet/sysintern...es/PsTools.mspx

Share this post


Link to post
Share on other sites

Yes. I'm definitely looking from something like Netbus or blackOrrifice. The problem with these rats is, that any antivirus programs recognize them as viruses or trojans. There is a possibility of "nopping" these programs in a debugger (like Ollydbg) , changing program netry points etc. , but I can't do that (lack of knowledge ::G). Among the other solutions could be the vnc-programs. In ultravnc there is a possibility to hide the vnc icon from the system tray, as the page states http://www.tightvnc.com/faq.html#hideicon. It also doesn't require installation, only two files (an exe and a dll)

But I also will give ultravnc a try, see what the program can.

Weaponx has written, that ultravnc can be almost completely hidden. I would be glad, if I could more informations upon the possibilities

Thanks

Share this post


Link to post
Share on other sites

Yes. I'm definitely looking from something like Netbus or blackOrrifice. The problem with these rats is, that any antivirus programs recognize them as viruses or trojans. There is a possibility of "nopping" these programs in a debugger (like Ollydbg) , changing program netry points etc. , but I can't do that (lack of knowledge ::G). Among the other solutions could be the vnc-programs. In ultravnc there is a possibility to hide the vnc icon from the system tray, as the page states http://www.tightvnc.com/faq.html#hideicon. It also doesn't require installation, only two files (an exe and a dll)

But I also will give ultravnc a try, see what the program can.

Weaponx has written, that ultravnc can be almost completely hidden. I would be glad, if I could more informations upon the possibilities

If you have Administrative rights to a machine, it is trivial to get a remote process started and running in the background. The only point to a trojan is to utilize the rights of the logged on user without their knowledge/permission. Please explain the need to what you describe if you are an authorized admin with much easier and more legitimate techniques available...?

:whistle:


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0