Date: Wed, 14 Mar 2012 13:26:58 -0400 From: Rich Rumble <richrumble@...il.com> To: john-dev@...ts.openwall.com Subject: Re: VNC Pcap's for cracking On Wed, Mar 14, 2012 at 1:14 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote: > On Wed, Mar 14, 2012 at 10:02 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote: >> I have integrated VNCcrack into JtR. See >> https://github.com/magnumripper/magnum-jumbo. For testing, I used >> TightVNC server 1.3.9 (on Ubuntu 11.04) & TightVNC client 1.3.10 (on >> Windows 7) which use RFB Protocol Version 3.8. Testing and adding >> support for other VNC servers and protocol versions is TODO. For now, >> vncpcap2john.cpp (included in git repository) needs to be compiled >> separately. > > vncpcap2john.cpp currently searches for string VNCAUTH_ in the packets > and so it doesn't work for pcap files (made with RealVNC) posted by > Rich earlier. (VNCAUTH_ seems to be TightVNC specific thing). However > Wireshark successfully recognizes VNC challenge and response packets > for different VNC server versions. Time to borrow some code from > Wireshark :-). Anybody familiar with Wireshark's code base and willing > to extend/re-write vncpcap2john.cpp? This is very exciting! Wireshark even has an example pcap of VNC traffic you may want to try: http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=vnc-sample.pcap I'll look into the disectors in wireshark, but I doubt I'll be able to code anything (if I did it be a 1st!). -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.