Date: Sun, 5 Feb 2012 23:22:46 -0500 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: DES - not "traditional DES-based" - (VNC hash) with JtR On Sun, Feb 5, 2012 at 7:08 AM, A BC <miaou.pbl@...il.com> wrote: > Is there something I missed ? Is there a solution better than another ? I > can code in C under Win/Linux, Python, ... VNC uses a fixed salt and TripleDes, you can get the key from the windows registry or a the config file on a *nix server. The password is easily reversed, no need for cracking. VNCdec.c is one of the first "revealers" I saw for the VNC password. http://packetstormsecurity.org/files/10159/vncdec.c Now as far as sniffing the pass, Cain&Abel (oxid.it) has a sniffer that allows you do that, I believe you can sniff other passwords out of a VNC session. -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.