Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Feb 2012 17:24:44 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: VNC Pcap's for cracking

This topic started out on John-Users, about cracking
Challenge-Response hashes of VNC sessions.

As an FYI
Cain&Abel captures VNC packets in the following format:
VNC.LST (protocol = 3.3 | password = pass1234)
TimeStamp, Server, Client, AuthType, 3Des Encrypted, Challenge
07/02/2012 - 15:48:16	192.168.1.50	192.168.1.103	3DES	19272f8f3b8cf67745bcafb5cde52718	ca448a7c00507f7dc6ad69742ab877b1

Cain&Abel only seems to capture the legacy 3.3 protocol, not the newer
3.7 or latest 3.8. I am including Pcaps for each protocol version.

Here are Doc's on each protocol
3.3 http://grox.net/doc/apps/vnc/rfbproto.pdf
3.7 http://web.archive.org/web/20040325204925/http://www.realvnc.com/docs/rfbproto.pdf
3.8 http://www.realvnc.com/docs/rfbproto.pdf
http://tools.ietf.org/rfc/rfc6143.txt

And here is another cracker VNCcrack, which allows
Jtr as input :) john -i -stdout:8 | ./vnccrack dump.pcap
http://www.randombit.net/code/vnccrack/
This program seemed to compile well, but Botan was
newer than expected and I received no error running it,
nonetheless it did not work on these pcap's.

I've placed these various pcaps on my own server in
a single tarball if anyone is interested.
http://xinn.org/jtr-pcap/jtr-vnc-pcap.tar.gz
-rich

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ