VNC Password Cracker, VNCcrack
by The Uni-Hacker on Nov. 12, 2008, under Security
After running several network scans I’ve noticed more and more computers running a VNC server. VNC basically lets you take full control of a computer as if you were actually sitting in front of it. After noticing this I thought, boy, it would be nice if there were a VNC password cracker out there, and I found one called “VNCcrack”.
VNCcrack is a fast offline password cracker for the VNC challenge/response protocol. If one can somehow observe a VNC authentication, then VNCcrack can run a dictionary attack against the exchange and attempt to find the password.
It works by scanning a pcap file (as generated by the common tcpdump tool) for VNC challenge/response exchanges, then checks each captured exchange against a preexisting wordlist (reading candidates from stdin is also supported, which allows feeding it from John the Ripper; see the documentation in the tarball for further information). It is quite fast and can check well over a million passwords a second on a 2.4 GHz Core2 processor.
It has been tested to successfully recover the password of an exchange between a Gentoo Linux/amd64 client and a Windows XP/x86 server, both running TightVNC 1.3.9.
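As an added example (not part of this post or of VNCcrack), the Python below parses the start of one reassembled RFB TCP stream and flags the VNC challenge/response exchange that the tool scans captures for, so a defender can detect password-only VNC authentication crossing the network unprotected; it does no DES checking. The sample handshake bytes are constructed, and the function names are mine.

```python
SEC_NONE, SEC_VNC_AUTH = 1, 2   # RFB security types (RFC 6143)

def _version(buf, off):
    # 12-byte ProtocolVersion message, e.g. b"RFB 003.008\n"
    v = buf[off:off + 12]
    if len(v) != 12 or not v.startswith(b"RFB ") or v[-1:] != b"\n":
        return None, off
    return (int(v[4:7]), int(v[8:11])), off + 12

def find_vnc_auth_exchange(server_to_client, client_to_server):
    """Parse one reassembled RFB stream (both directions); report the security
    type and, for VNC Authentication, the challenge/response an offline
    dictionary attack would consume. Returns None if it is not RFB."""
    s, c = server_to_client, client_to_server
    srv_ver, s_off = _version(s, 0)
    cli_ver, c_off = _version(c, 0)
    if srv_ver is None or cli_ver is None:
        return None
    version = min(srv_ver, cli_ver)   # client may answer with an older version
    if version < (3, 7):
        # RFB 3.3: the server dictates the type as a 4-byte big-endian integer
        if len(s) < s_off + 4:
            return None
        sec_type = int.from_bytes(s[s_off:s_off + 4], "big")
        s_off += 4
    else:
        # RFB 3.7/3.8: server lists supported types, client picks one byte;
        # a count of 0 means the server refused the connection
        if len(s) < s_off + 1 or s[s_off] == 0 or len(c) < c_off + 1:
            return None
        n = s[s_off]
        offered = set(s[s_off + 1:s_off + 1 + n])
        s_off += 1 + n
        sec_type = c[c_off]
        c_off += 1
        if sec_type not in offered:
            return None
    result = {"version": version, "security_type": sec_type}
    if sec_type == SEC_VNC_AUTH:
        challenge, response = s[s_off:s_off + 16], c[c_off:c_off + 16]
        if len(challenge) == 16 and len(response) == 16:
            result.update(challenge=challenge, response=response,
                          crackable_offline=True)
    return result

# Constructed sample, not real traffic: an RFB 3.8 handshake in which the
# server offers only VNC Authentication and the client answers the challenge.
SAMPLE_S2C = (b"RFB 003.008\n" + bytes([1, SEC_VNC_AUTH]) + bytes(range(16))
              + b"\x00\x00\x00\x00")                     # SecurityResult: OK
SAMPLE_C2S = b"RFB 003.008\n" + bytes([SEC_VNC_AUTH]) + bytes(range(0xF0, 0x100))
```

Any stream that comes back with `crackable_offline` set is one where the password is exposed to exactly the dictionary attack described above, and is a candidate for moving behind an SSH tunnel or VPN.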
