hakgipc Posted August 6, 2006 Share Posted August 6, 2006 in auditor there is a app called Vncrack ... and my best mate dared me to try and hack in his vnc he selected a random http port to make it harder 4 me but that was no prob with nmap .. but now when i got to his iip:5800 he has a pw to acces his vnc and i need 2 find out a way 2 crack it posibly with vncrack posibly a brutforce can anyone help Quote Link to comment Share on other sites More sharing options...
stingwray Posted August 6, 2006 Share Posted August 6, 2006 There was an exploit in one of the VNC packages a while ago that ment you could log on without needing the password. Look into this. Then you could also sniff his password and crack it then. As shown in Hak.5 before. I wouldn't go with bruteforcing unless you know he has set it as something simple, otherwise, see you in a couple of thousand years. Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 6, 2006 Share Posted August 6, 2006 I belive the vunrability was only in the RealVNC server stingwray (and of course it was patched). Quote Link to comment Share on other sites More sharing options...
stingwray Posted August 6, 2006 Share Posted August 6, 2006 Yeah I couldn't remember which software it was, but i believe the code from RealVNC was used in a couple of other projects and they were vulnerable. And also, even if the latest version hasn't got the problem his friend might not be running the latest version so its always worth a quick try. Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 6, 2006 Share Posted August 6, 2006 Apparently it's been added to the Metasploit framework so it should be as easy as typing in his IP address, port number and pressing go. Quote Link to comment Share on other sites More sharing options...
hakgipc Posted August 6, 2006 Author Share Posted August 6, 2006 Then you could also sniff his password and crack it then. As shown in Hak.5 before. how do i do a sniff when he is not on my network? can u plz tel me how to do so Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 6, 2006 Share Posted August 6, 2006 Then you could also sniff his password and crack it then. As shown in Hak.5 before.how do i do a sniff when he is not on my network? can u plz tel me how to do so You don't ARP poison the internet thats for sure You could put a keylogger on a computer he uses to connect to his vnc server. Quote Link to comment Share on other sites More sharing options...
stingwray Posted August 7, 2006 Share Posted August 7, 2006 how do i do a sniff when he is not on my network? can u plz tel me how to do so You don't. Quote Link to comment Share on other sites More sharing options...
hakgipc Posted August 7, 2006 Author Share Posted August 7, 2006 lol sparda stingray dosnt et wat ur saying he took it the wrong way. its a thing between us lol Quote Link to comment Share on other sites More sharing options...
melodic Posted August 7, 2006 Share Posted August 7, 2006 lol sparda stingray dosnt et wat ur saying he took it the wrong way. its a thing between us lol please change your sig. its long and annoying. or i will get it changed for you. Quote Link to comment Share on other sites More sharing options...
VaKo Posted August 8, 2006 Share Posted August 8, 2006 it be wack man! Quote Link to comment Share on other sites More sharing options...
melodic Posted August 8, 2006 Share Posted August 8, 2006 VaKo NWA pwnz lmfao i saw the striaght outa compton cd in asda for £3.97! the gf wouldnt let me buy it though =( </random chat> Quote Link to comment Share on other sites More sharing options...
VaKo Posted August 8, 2006 Share Posted August 8, 2006 I demand that you go back to the store, buy it, and play it on the bus home. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.