Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Feb 2012 17:24:44 -0500
From: Rich Rumble <>
Subject: VNC Pcap's for cracking

This topic started out on John-Users, about cracking
Challenge-Response hashes of VNC sessions.

As an FYI
Cain&Abel captures VNC packets in the following format:
VNC.LST (protocol = 3.3 | password = pass1234)
TimeStamp, Server, Client, AuthType, 3Des Encrypted, Challenge
07/02/2012 - 15:48:16	3DES	19272f8f3b8cf67745bcafb5cde52718	ca448a7c00507f7dc6ad69742ab877b1

Cain&Abel only seems to capture the legacy 3.3 protocol, not the newer
3.7 or latest 3.8. I am including Pcaps for each protocol version.

Here are Doc's on each protocol

And here is another cracker VNCcrack, which allows
Jtr as input :) john -i -stdout:8 | ./vnccrack dump.pcap
This program seemed to compile well, but Botan was
newer than expected and I received no error running it,
nonetheless it did not work on these pcap's.

I've placed these various pcaps on my own server in
a single tarball if anyone is interested.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.