Brute force VNC crack

Luis.F.Correia@seg-social.pt Luis.F.Correia "at" seg-social.pt
Thu, 17 Aug 2000 14:48:07 +0000


I must confess that I caught this thread in the middle ;)

My point was only that we have develloped a small program to remotely update
the passwords on our 370 servers.

This is to prevent local 'admins' to get control on the machine.

For that purpose, we went to the source code to see how VNC encrypts the
passwd, which btw is rather weaksince it only uses 8 characters, to create
then a small program that remotely injects our supplied password in the
destination Server.

To summarize:

	Of course that we have administration rights on the remote machines!
	we donot care if the local admin is able to change the VNC passwd!
	Because we can always change it back!

	I think that that is your issue... cracking machines in which you
don't have access...

Cheers!

-----Original Message-----
From: James ''Wez'' Weatherall [mailto:jnw22 "at" cam.ac.uk]
Sent: quinta-feira, 17 de Agosto de 2000 13:18
To: vnc-list "at" uk.research.att.com
Subject: Re: Brute force VNC crack


> To crack VNC passwords is as easy as going to the source code and analise
> the VNCAUTH.C
>
> Then in a windows machine you just go to the registry and patch it.
>
> I have done it !

You appear to have missed the point.  The registry entry is only encrypted
to prevent it from being readable if you happen to have it up on your screen
in regedit for some reason, not to provide security (that should be done
using registry security under WinNT).  If you have access to the Windows
machine then obviously you can change the password, or decrypt it, but since
you already have access to the machine, why on earth would you need to?

The issue people are discussing is the possibility of remote brute-force
cracks against the password.

Hope that helps,

James "Wez" Weatherall
--
          "Xenophobes should go back to Xenophobia"
Laboratory for Communications Engineering, Cambridge - Tel : 766513
AT&T Labs Cambridge, UK                              - Tel : 343000
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------