Penetration Testing mailing list archives

Re: [PEN-TEST] Decrypting VNC passwords - Tool required


From: Max Vision <vision () WHITEHATS COM>
Date: Mon, 21 Aug 2000 18:00:48 -0700

On Mon, 21 Aug 2000, erica bernt wrote:
> My specific questions to you are: what tool would you
> recommend to decrypt this password, and are there any
> other ways to attack VNC?

quick dump at: http://whitehats.com/vnc/

> On a more general level, what are the most formidable
> remote management tools that are out there that you
> have the most difficulty detecting and penetrating?

BO2K, when properly configured, can be extremely difficult to detect or
crack.  Detection is usually accomplished on a LAN by analysis of the
TCPIO structure (there is a header that correlates to packet structure, as
well as a reliable way to decrypt the packet) (0xCDC31337, heh).
Remote detection is pretty much out of the question though.  Cracking
could probably be accomplished through dictionary/brute-force as long as
XOR is used; I haven't tried it myself, but there are Unix clients that I'm
sure could be turned into cracking machines quickly (boclient).  But
finding the UDP port in use is not going to be easy, and smarties use
Blowfish, CAST, or other fun crypto anyway.

BO2K has really taken off too - I was surprised to see it as the top
download at sourceforge.net right now.

Max Vision
http://whitehats.com
