Penetration Testing mailing list archives
Re: VNC challenge/response
From: Tim <tim-pentest () sentinelchicken org>
Date: Mon, 11 Feb 2008 19:00:19 -0800
I sniffed an unencrypted VNC session between my test machines. I noticed that a challenge (\337n\304KG\311\021\302\344\246\333i\375\324\316\341) sent from the server and the response (h\374\215d\306\207B\n^\243d]\222(j\242) from the client. I know the password because it was set by me but I was wondering what format the challenge/response is in and how to reverse it?
VNC was open sourced long ago. You can obtain many implementations of the same hashing if you look around for them. IIRC, the hashing is pretty weak. tim ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- VNC challenge/response barcajax (Feb 11)
- Re: VNC challenge/response Tim (Feb 14)