Date: Tue, 7 Feb 2012 17:24:44 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: VNC Pcap's for cracking

This topic started out on John-Users, about cracking Challenge-Response
hashes of VNC sessions. As an FYI Cain&Abel captures VNC packets in the
following format:

VNC.LST (protocol = 3.3 | password = pass1234)
TimeStamp, Server, Client, AuthType, 3Des Encrypted, Challenge
07/02/2012 - 15:48:16 192.168.1.50 192.168.1.103 3DES 19272f8f3b8cf67745bcafb5cde52718 ca448a7c00507f7dc6ad69742ab877b1

Cain&Abel only seems to capture the legacy 3.3 protocol, not the newer
3.7 or latest 3.8. I am including pcaps for each protocol version.

Here are docs on each protocol:
3.3 http://grox.net/doc/apps/vnc/rfbproto.pdf
3.7 http://web.archive.org/web/20040325204925/http://www.realvnc.com/docs/rfbproto.pdf
3.8 http://www.realvnc.com/docs/rfbproto.pdf
    http://tools.ietf.org/rfc/rfc6143.txt

And here is another cracker, VNCcrack, which allows Jtr as input :)
john -i -stdout:8 | ./vnccrack dump.pcap
http://www.randombit.net/code/vnccrack/
This program seemed to compile well, but Botan was newer than expected
and I received no error running it; nonetheless it did not work on these
pcaps.

I've placed these various pcaps on my own server in a single tarball if
anyone is interested.
http://xinn.org/jtr-pcap/jtr-vnc-pcap.tar.gz
-rich
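
An added example, not part of the original post and not code from Cain&Abel, VNCcrack or John: it shows why a parser written for the 3.3 handshake misses 3.7/3.8 sessions, since the security-type negotiation shifts where the 16-byte challenge and response sit in each direction of the stream (layout per RFC 6143). The function name and the sample streams are constructed for illustration; the challenge/response bytes are the ones in the VNC.LST line above.

```python
import struct

VNC_AUTH = 2  # security type "VNC Authentication" (RFC 6143, section 7.2.2)

def _version(banner: bytes) -> tuple:
    # ProtocolVersion is exactly 12 bytes: b"RFB xxx.yyy\n"
    if len(banner) != 12 or not banner.startswith(b"RFB ") or banner[-1:] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    return int(banner[4:7]), int(banner[8:11])

def extract_vnc_auth(server: bytes, client: bytes) -> dict:
    """Locate challenge/response in the two reassembled TCP directions."""
    ver = min(_version(server[:12]), _version(client[:12]))  # negotiated version
    s, c = 12, 12  # read offsets into the server and client streams
    if ver < (3, 7):
        # 3.3: the server dictates one security type as a big-endian U32
        if len(server) < s + 4:
            raise ValueError("truncated handshake")
        (sec_type,) = struct.unpack(">I", server[s:s + 4])
        s += 4
    else:
        # 3.7/3.8: server sends a U8 count plus that many U8 types,
        # and the client answers with the single U8 type it picked
        if len(server) <= s or len(client) <= c:
            raise ValueError("truncated handshake")
        count = server[s]
        offered = server[s + 1:s + 1 + count]
        s += 1 + count
        sec_type = client[c]
        c += 1
        if sec_type not in offered:
            raise ValueError("client chose a type the server did not offer")
    if sec_type != VNC_AUTH:
        return {"version": ver, "security_type": sec_type}
    challenge, response = server[s:s + 16], client[c:c + 16]
    if len(challenge) != 16 or len(response) != 16:
        raise ValueError("truncated handshake")
    return {"version": ver, "security_type": sec_type,
            "challenge": challenge.hex(), "response": response.hex()}

# Constructed sample streams (values taken from the VNC.LST line in the post)
CHAL = bytes.fromhex("ca448a7c00507f7dc6ad69742ab877b1")
RESP = bytes.fromhex("19272f8f3b8cf67745bcafb5cde52718")
S33, C33 = b"RFB 003.003\n" + struct.pack(">I", 2) + CHAL, b"RFB 003.003\n" + RESP
S38, C38 = b"RFB 003.008\n" + bytes([2, 1, 2]) + CHAL, b"RFB 003.008\n" + bytes([2]) + RESP

if __name__ == "__main__":
    print(extract_vnc_auth(S33, C33))
    print(extract_vnc_auth(S38, C38))
```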