Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Mar 2012 13:26:58 -0400
From: Rich Rumble <>
Subject: Re: VNC Pcap's for cracking

On Wed, Mar 14, 2012 at 1:14 PM, Dhiru Kholia <> wrote:
> On Wed, Mar 14, 2012 at 10:02 PM, Dhiru Kholia <> wrote:
>> I have integrated VNCcrack into JtR. See
>> For testing, I used
>> TightVNC server 1.3.9 (on Ubuntu 11.04) & TightVNC client 1.3.10 (on
>> Windows 7) which use RFB Protocol Version 3.8. Testing and adding
>> support for other VNC servers and protocol versions is TODO. For now,
>> vncpcap2john.cpp (included in git repository) needs to be compiled
>> separately.
> vncpcap2john.cpp currently searches for string VNCAUTH_ in the packets
> and so it doesn't work for pcap files (made with RealVNC) posted by
> Rich earlier. (VNCAUTH_ seems to be TightVNC specific thing). However
> Wireshark successfully recognizes VNC challenge and response packets
> for different VNC server versions. Time to borrow some code from
> Wireshark :-). Anybody familiar with Wireshark's code base and willing
> to extend/re-write vncpcap2john.cpp?
This is very exciting! Wireshark even has an example pcap of VNC traffic
you may want to try:
I'll look into the disectors in wireshark, but I doubt I'll be able to
code anything
(if I did it be a 1st!).

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.