Well, documentation...
For the moment, I will put here just the stuff from usage() and some comments:
Online: ./vncrack -h target.host.com -w wordlist.txt [-opt's]
Passwd: ./vncrack -C /home/some/user/.vnc/passwd
Windows interactive mode: ./vncrack -W
enter hex key one byte per line - find it in
\HKEY_CURRENT_USER\Software\ORL\WinVNC3\Password or
\HKEY_USERS\.DEFAULT\Software\ORL\WinVNC3\Password
Options for online mode:
-v verbose
-d N Sleep N nanoseconds between each try
-D N Sleep N seconds between each try
-a Just a funny thing
-p P connect to port P instead of 5900
-s N Sleep N seconds in case connect() failed
Options for challenge/response intercepted by PHoss:
-c Copy and paste from PHoss
-r Copy and paste from PHoss
In Windoze interactive mode, you are prompted for 8 lines of 2-digit hex data. This looks like this:
2F 98 1D C5 48 E0 9E C2
You may use 'echo -e "AF\nFE\n..."' for this task and pipe it into VNCrack. It is the stuff you find in the registry keys.
Version stuff: This proggy replies to the server's version message by bouncing back the same one. But I suspect this program will not work with versions greater than 3.3.