[15005] in bugtraq
vnc remote dictionary based cracker
daemon@ATHENA.MIT.EDU (Patrick Oonk)
Tue May 23 15:05:02 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000523093603.A3895@pine.nl>
Date: Tue, 23 May 2000 09:36:03 +0200
Reply-To: patrick@pine.nl
From: Patrick Oonk <patrick@PINE.NL>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
I made a small patch to the vncviewer part of the remote access
software vnc, which runs uner a great number of platforms.
With this patch applied, the vncviewer turns into
a neat dictionary based remote cracker. The fun with vnc is
that the password is 8 characters or smaller, and that vnc
has no concept of users, which brings down the number of
possibilities to try.
The patch can be downloaded at
http://www.pine.nl/~patrick/tmp/vnc-crack.patch, and should
be applied to the vncviewer directory of the vnc source tree.
It is based on vnc-3.3.3r1_unixsrc.tgz which can be downloaded
at http://www.uk.research.att.com/vnc/.
It's crude and ugly but it works.
Patrick
--
Patrick Oonk - PO1-6BONE - patrick@pine.nl - www.pine.nl/~patrick
Pine Internet - PAT31337-RIPE - PGPkeyID BE7497F1 - XOIP+31208723350
Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://security.nl
PGP fingerprint A6 12 66 7F 22 84 1B E5 73 8C 99 F7 17 7B A3 98
Excuse of the day: not approved by the FCC
