Penetration Testing mailing list archives

Re: [PEN-TEST] remote VNC Install


From: "Brentlinger, Mike (ISS eServices)" <mbrentli () ISS NET>
Date: Fri, 25 Aug 2000 08:41:56 -0400

Hmmm.... so it works for you now? Well, I know that vnc is flaky with the
way it writes its reg settings (especially the password). Though I know that
the thing I sent you has always worked flawlessly for me.

What I would normally do if I didn't like the vnc123 password is just run my
bat file, then connect and change the password to whatever I wanted through
the GUI. It's easier than making a new reg export file every time with a
different password.

Also, one thing I could think might have given you trouble is that you might
be using a newer version. I'm using the oldest version that I could find, for
the reason that most (emphasis on most) of the time when you start vnc for the
first time it doesn't even show up in the tray. Which is a good thing if you're
trying to be sneaky :-)

As a side note, if you want to blow about $90 (or if you don't care and look
for a few minutes on the web for a reg code) you might want to consider
switching to remotely anywhere (www.remotelyanywhere.com); in my opinion it's
much better than vnc, though it works in about the same fashion. The remote
stealth install is easier and more reliable, the package that you'd need to
push to the box is about the same size, the footprint is as small as vnc,
and you have MUCH more control over the box (i.e. start/stop services, user
management, etc.)

Just my 2 cents

-Mike Brentlinger
 ISS Chicago



-----Original Message-----
From: Adams, MarkRobert
To: Brentlinger, Mike (ISS eServices)
Sent: 8/24/00 6:03 PM
Subject: New VNC Install

Mike,

Okay, I've spent way too long on this, but it finally paid off.  I modified
your script like so:

        1. Copy files
        2. Create registry keys
        3. Restore registry keys
        4. Winvnc -install
        5. net start winvnc
        6. net stop winvnc
        7. Restore HKLM\Software\ORL\Default from a box that already has
           VNC installed and configured w/ a password
        8. net start winvnc

What happens is that once the service starts, HKLM\Software\ORL\Default
is created with no information.  The password and other info does not get
added to it until it's set manually at the console (that's a bad thing).
However, once the key is populated, you can use reg.exe to save it.

Point of the point:  If you restore the fully populated
HKLM\Software\ORL\Default and THEN install and start the service for the
first time, the info is wiped out and left blank until someone manually
creates a password at the console (once again, that's a bad thing).
This is why you have to install and start the service and allow it to create
the key, and then perform steps 6, 7 and 8.

You may want to try this yourself, but it worked like a champ for me.
Feel free to distribute this to the PEN-TEST list and fellow coworkers.
        

Mark Adams
KPMG LLP
Information Risk Management
(713) 319-2561
(713) 319-2685  (fax)
mradams () kpmg com

 <<VNCRINST.ZIP>>
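
Added example, not part of the original messages: a defender-side check for the service pattern that steps 4 to 8 above leave behind (a service installed, started, stopped and started again within minutes). The record format, the sample data and the function name are constructed for illustration.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"
# Order of service events produced by steps 4-8 of the procedure above.
PATTERN = ["install", "start", "stop", "start"]

# Constructed sample records (timestamp, action, service name); not real logs.
# Assumption: on a current Windows host these would be derived from Service
# Control Manager events 7045 (service installed) and 7036 (state change).
SAMPLE = [
    ("2000-08-24 09:00:00", "install", "backupagent"),
    ("2000-08-24 09:00:05", "start", "backupagent"),
    ("2000-08-24 17:40:01", "install", "winvnc"),
    ("2000-08-24 17:40:03", "start", "winvnc"),
    ("2000-08-24 17:40:09", "stop", "winvnc"),
    ("2000-08-24 17:40:15", "start", "winvnc"),
]

def find_install_bounce(events, window=timedelta(minutes=10)):
    """Return (service, install_time, final_start_time) for each install that
    is followed by start -> stop -> start, in order, all within `window` of
    the install. Unrelated events in between are tolerated."""
    by_service = {}
    for ts, action, svc in sorted(events):
        by_service.setdefault(svc.lower(), []).append(
            (datetime.strptime(ts, FMT), action))
    hits = []
    for svc, evs in by_service.items():
        for i, (t0, action) in enumerate(evs):
            if action != "install":
                continue
            step = 1  # PATTERN[0] is the install we just matched
            for t, a in evs[i + 1:]:
                if t - t0 > window:
                    break
                if a == PATTERN[step]:
                    step += 1
                    if step == len(PATTERN):
                        hits.append((svc, t0, t))
                        break
    return hits

if __name__ == "__main__":
    for svc, t0, t1 in find_install_bounce(SAMPLE):
        print(f"{svc}: installed {t0}, restarted by {t1}; review its registry settings")
```

A hit is a prompt to review the service's registry settings and who pushed the install, since legitimate installers can produce the same sequence.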

