WinVNC Password :(

Andrew van der Stock ajv "at" greebo.net
Wed, 26 Sep 2001 01:52:24 +0000


Bader,

This is bad. The problem for you is that the registry permissions are
too weak as well as the ability for any joe bloggs to decode the
password. Did you know that you only need WinVNC's own source code and a
compiler to reverse the password? Additionally, with a copy of WinVNC
server, it is possible for any user to create any password they like and
stash it in the registry under NT 4.0 due to very poor registry
permissions. This locks you out of your servers as well.

The best bet in the short term is to:

* On NT and Win2K hosts, change the permissions on HKLM\Software\ORL
keys (and all sub-keys) to disallow "Everyone:Full Control". I suggest
SYSTEM:Full Control, Administrators:Full Control and force that
permission down the key. Remember you need regedt32 on those OS's: XP
introduces a much better single regedit with right clicks & the works.

* Change the password to something new - two distinct passwords: one for
the access controlled hosts, and another for the hosts that lack access
control (if any).

* I suggest removing WinVNC from Win9x/Me hosts as they can never be
secured.

(LOCAL)SYSTEM is the service account for VNC, and Administrators should
have the ability to change the password. The above should work.

If you can code, the best long term bet is to help with the secure VNC
project. I am getting closer to getting a final draft ready of the VNC
RFB protocol 4.0, which enables the use of the vastly more secure SRP,
rather than the reversible 3DES encrypted passwords of today. I am more
than happy to have people help with the RFB 4.0 protocol drafts as it's
a long slog to get _exactly_ right.

I am coming off a long project in Sydney, and should be returning to
Melbourne shortly, where my main machines are, and more to the point,
this leaves me with far more time until the next project.

http://securevnc.sourceforge.net

Come by, and check it out.

Andrew
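
An added example, not part of the original message: one way to audit and then apply the registry permissions suggested above, assuming a current Windows host with PowerShell 5.1 run elevated. The key path is the one named in the message; the function names are hypothetical, and a 32-bit WinVNC on 64-bit Windows would keep its keys under the WOW6432Node view instead.

```powershell
# Added example, not from the original message. Run from an elevated prompt.
# $KeyPath is the key named in the message; function names are hypothetical.
$KeyPath = 'HKLM:\SOFTWARE\ORL'
$SidType = [System.Security.Principal.SecurityIdentifier]
# Well-known SIDs: LOCAL SYSTEM and BUILTIN\Administrators (locale independent).
$Trusted = 'S-1-5-18', 'S-1-5-32-544' |
    ForEach-Object { New-Object System.Security.Principal.SecurityIdentifier $_ }

function Get-UntrustedAce {
    # Audit: every Allow ACE on the key or a sub-key held by anyone other than
    # SYSTEM or Administrators (read access alone exposes the stored password).
    param([string]$Path)
    $keys = @(Get-Item -Path $Path) + @(Get-ChildItem -Path $Path -Recurse)
    foreach ($key in $keys) {
        (Get-Acl -Path $key.PSPath).GetAccessRules($true, $true, $SidType) |
            Where-Object { $_.AccessControlType -eq 'Allow' -and
                           $Trusted.Value -notcontains $_.IdentityReference.Value } |
            Select-Object @{n='Key';e={$key.Name}}, IdentityReference, RegistryRights, IsInherited
    }
}

function Set-RestrictedAcl {
    # Fix: the top key stops inheriting from its parent and keeps only SYSTEM and
    # Administrators Full Control; sub-keys drop explicit ACEs and inherit from it.
    param([string]$Path)
    $top = Get-Acl -Path $Path
    $top.SetAccessRuleProtection($true, $false)
    foreach ($ace in $top.GetAccessRules($true, $false, $SidType)) {
        [void]$top.RemoveAccessRuleSpecific($ace)
    }
    foreach ($sid in $Trusted) {
        $top.AddAccessRule((New-Object System.Security.AccessControl.RegistryAccessRule(
            $sid, 'FullControl', 'ContainerInherit', 'None', 'Allow')))
    }
    Set-Acl -Path $Path -AclObject $top
    foreach ($key in Get-ChildItem -Path $Path -Recurse) {
        $acl = Get-Acl -Path $key.PSPath
        $acl.SetAccessRuleProtection($false, $false)   # re-enable inheritance
        foreach ($ace in $acl.GetAccessRules($true, $false, $SidType)) {
            [void]$acl.RemoveAccessRuleSpecific($ace)
        }
        Set-Acl -Path $key.PSPath -AclObject $acl
    }
}

Get-UntrustedAce -Path $KeyPath | Format-Table -AutoSize   # audit only
# Set-RestrictedAcl -Path $KeyPath                          # apply, then re-run the audit
```

An empty result from the audit after applying the fix means only SYSTEM and Administrators hold access on the key and its sub-keys.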

-----Original Message-----
From: owner-vnc-list "at" uk.research.att.com
[mailto:owner-vnc-list "at" uk.research.att.com] On Behalf Of Bader Saher
Sent: Tuesday, 25 September 2001 18:54
To: vnc-list "at" uk.research.att.com
Subject: WinVNC Password :(


Hi All,

One of my LAN users decoded the VNC Server password from the registry
using some hacking tools, and he is playing around with my LAN PCs.

I got a lot of problems with other users in my network.

I think the solution of my problem is to FIX the password inside the VNC
Server itself.

Can anyone guide me on how to change (FIX) the password within VNC Server
and recompile my WinVNC source code?

I installed Visual C++ 6.0 and I tried to hack the code, but I think your
help will cut my working time.

Thanks in advance.


---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY See also:
http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------