
C/C++ VNCrack v0.1.21


dEEpEst
Ashburn from Asia Global Risk has provided a patch for VNCrack to handle MSLogon decryption.

VNCrack is what it looks like: crack VNC.
The usual Phenoelit stuff again - brute force the hell out of a server. Additionally, you may pass a Registry key with the encrypted password or the UNIX password file to VNCrack and it does this simple fixed key decryption for you.

Well, this time we came around the 'cannot assign requested address' - when it happens, we wait 'til all the connections are returned from TIME_WAIT and continue.

After the VNC development team get their point by adding authorization failure counters to VNC, the tool is mostly useful against older versions and in cooperation with 

Well, documentation...

For the moment, I will put here just the stuff from usage() and some comments:

Online: ./vncrack -h target.host.com -w wordlist.txt [-opt's]
Passwd: ./vncrack -C /home/some/user/.vnc/passwd
Windows interactive mode: ./vncrack -W
enter hex key one byte per line - find it in
\HKEY_CURRENT_USER\Software\ORL\WinVNC3\Password or
\HKEY_USERS\.DEFAULT\Software\ORL\WinVNC3\Password

Options for online mode:
-v verbose
-d N Sleep N nanoseconds between each try
-D N Sleep N seconds between each try
-a Just a funny thing
-p P connect to port P instead of 5900
-s N Sleep N seconds in case connect() failed
-R N Wait N seconds when you got blocked

Options for challenge/response intercepted by PHoss:
-c Copy and paste from PHoss
-r Copy and paste from PHoss

In Windoze interactive mode, you are prompted for 8 lines of 2-digit hex data. This looks like this:

2F
98
1D
C5
48
E0
9E
C2

You may use 'echo -e "AF\nFE\n..."' for this task and pipe it in VNCrack. It is the stuff you find in the registry keys.
The decryption of files and Registry key is fast, since the key is known.

Version stuff: This proggy replies to the server's version message by bouncing back the same one. But I suspect this program will not work with major versions greater than 3.3.

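Added example, not part of the original post or of VNCrack: since the post notes that the UNIX passwd file is decrypted with a known fixed key, the file's protection rests entirely on filesystem permissions, and this Python audit flags files or .vnc directories exposed beyond their owner. The <root>/<user>/.vnc/passwd layout is assumed from the path in the usage text; the function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_vnc_passwd(home_root):
    """Flag <home_root>/<user>/.vnc/passwd files exposed beyond their owner."""
    findings = []
    for user in sorted(os.listdir(home_root)):
        vnc_dir = os.path.join(home_root, user, ".vnc")
        path = os.path.join(vnc_dir, "passwd")
        try:
            st, dir_st = os.lstat(path), os.lstat(vnc_dir)
        except OSError:
            continue  # account has no VNC password file
        problems = []
        if stat.S_ISLNK(st.st_mode):
            problems.append("passwd is a symlink")
        elif st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            problems.append("passwd accessible to group/other")
        if dir_st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append(".vnc writable by group/other")
        if problems:
            findings.append((user, oct(stat.S_IMODE(st.st_mode)), problems))
    return findings

def demo():
    """Build a constructed home tree (not real data) and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for user, fmode, dmode in [("alice", 0o600, 0o700),
                                   ("bob", 0o644, 0o755),
                                   ("carol", 0o600, 0o777)]:
            vnc_dir = os.path.join(root, user, ".vnc")
            os.makedirs(vnc_dir)
            path = os.path.join(vnc_dir, "passwd")
            with open(path, "wb") as fh:
                fh.write(b"\x00" * 8)  # placeholder bytes, not a real password
            os.chmod(path, fmode)
            os.chmod(vnc_dir, dmode)
        return audit_vnc_passwd(root)

if __name__ == "__main__":
    for user, mode, problems in demo():
        print(f"{user}: passwd mode {mode}: {'; '.join(problems)}")
```

On a real host, call audit_vnc_passwd("/home") with enough privilege to stat every account's .vnc directory.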