Penetration Testing mailing list archives
Re: [PEN-TEST] PC Anywhere protocol
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Thu, 7 Sep 2000 10:54:38 -0500
Kind of on a side-note, I've noticed that with a quick sniffer i wrote specifically to dump the TCP stream of VNC to a file, I was able to get all sorts of data from VNC. All typed text goes over in clear-text, but mixed amongst a heap of other garbage (probably "video" data getting transferred to "draw" the character on the remote screen). It might be helpful with "Screenspy" (I know, you said not to hold my breath)... The passwd does seem to get sent over in an encoded/encrypted format... probably the same format it stores it in the file/registry... Anyone remember a similar problem (hey dude, pass the hash, I'm jones-in')? -----Original Message----- From: Dug Song [mailto:dugsong () MONKEY ORG] Sent: Wednesday, September 06, 2000 6:26 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: PC Anywhere protocol On Wed, 6 Sep 2000, Oliver Friedrichs wrote:
dsniff is the only place I've seen any sort of information on the protocol. Doing the newer version could be more of a challenge however, since they incorporate MS Crypto API.
i'd be happy to try reversing the protocol from any packet dumps ppl have of successful/failed logins for the latest version of pcAnywhere. or any other interesting/proprietary protocol dsniff doesn't handle yet. -d. --- http://www.monkey.org/~dugsong/
Current thread:
- [PEN-TEST] Carbon Copy Question, (continued)
- [PEN-TEST] Carbon Copy Question Scott Lupro (Sep 07)
- Re: [PEN-TEST] Carbon Copy Question Teicher, Mark (Sep 07)
- Re: [PEN-TEST] Carbon Copy Question Jim Watt (Sep 07)
- [PEN-TEST] Carbon Copy Question Scott Lupro (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Meritt, Jim (Sep 06)
- Re: [PEN-TEST] PC Anywhere protocol Oliver Friedrichs (Sep 06)
- Re: [PEN-TEST] PC Anywhere protocol Dug Song (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol krisk (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Heather Field (Sep 06)
- Re: [PEN-TEST] PC Anywhere protocol Teicher, Mark (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Eddie Gradek (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Dunker, Noah (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Security Related (Sep 07)
- Re: [PEN-TEST] PC Anywhere protocol Pascal Longpre (Sep 07)