RE: Brute force VNC crack

From:
Date: Thu Aug 17 2000 - 08:23:27 EDT


    I must confess that I caught this thread in the middle ;)

    My point was only that we have developed a small program to remotely update
    the passwords on our 370 servers.

    This is to prevent local 'admins' from getting control of the machine.

    For that purpose, we went to the source code to see how VNC encrypts the
    passwd, which btw is rather weak since it only uses 8 characters, to create
    then a small program that remotely injects our supplied password in the
    destination Server.

    To summarize:

            Of course we have administration rights on the remote machines!
            We do not care if the local admin is able to change the VNC passwd!
            Because we can always change it back!

            I think that that is your issue... cracking machines in which you
    don't have access...

    Cheers!

    -----Original Message-----
    From: James ''Wez'' Weatherall [mailto:]
    Sent: Thursday, August 17, 2000 13:18
    To:
    Subject: Re: Brute force VNC crack

    > To crack VNC passwords is as easy as going to the source code and analyse
    > the VNCAUTH.C
    >
    > Then on a Windows machine you just go to the registry and patch it.
    >
    > I have done it !

    You appear to have missed the point. The registry entry is only encrypted
    to prevent it from being readable if you happen to have it up on your screen
    in regedit for some reason, not to provide security (that should be done
    using registry security under WinNT). If you have access to the Windows
    machine then obviously you can change the password, or decrypt it, but since
    you already have access to the machine, why on earth would you need to?

    The issue people are discussing is the possibility of remote brute-force
    cracks against the password.

    Hope that helps,

    James "Wez" Weatherall

    --
              "Xenophobes should go back to Xenophobia"
    Laboratory for Communications Engineering, Cambridge - Tel : 766513
    AT&T Labs Cambridge, UK                              - Tel : 343000
    ---------------------------------------------------------------------
    To unsubscribe, send a message with the line: unsubscribe vnc-list
    to 
    See also: 
    ---------------------------------------------------------------------
    




    This archive was generated by : Thu Aug 17 2000 - 09:55:54 EDT