VNC-List digest, Vol 1 #80 - 27 msgs

[David Howe]

From: "Alif Yukkas" <alifyukkas "at" hotpop.com>
Organization: PT. AAA Sekuritas
To: vnc-list "at" realvnc.com
Date: Mon, 22 Jul 2002 18:54:35 +0700
Subject: VNC Backdoor Password: Is it true?
>Dear All,
>I heard from somewhere that VNC has a backdoor password.
>I just curious, is it true or not?
Short answer? no.
longer answer would be - VNC uses a hardcoded DES encryption password to encrypt the actual password, and certain tools take advantage of this (you can decrypt the password almost instantly if you have access to the registry, but then, you can do that by running snadboy against the password box on the dialog too) however, that hardcoded password is set in the source, so there is nothing stopping you changing it yourself and recompiling. It may have been that hardcoded password that was referred to as a "backdoor".