Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: VNC viewers: Clipboard of host automatically sent to remote machine
From: Ben Bucksch <news () bucksch org>
Date: Tue, 24 Jan 2012 19:38:51 +0100

On 24.01.2012 19:18, Mario Vilas wrote:
You're reporting that if you copy and paste sensitive information and
connect to a VNC session your clipboard data gets sent to the remote
machine. That's pretty obvious

If I have a VNC window somewhere on my desktop (in my case a virtual 
desktop or minimized), and continue with my work, 3 hours later when I 
work on some document or use some webapp, I don't remember that I have 
VNC session open and no, it's not obvious at all that this other host 
can read the communication between my local apps.

On top of that, the attack scenario doesn't sound too good either. I
fail to see why would you need to copy&paste a password to access an
untrusted machine and then worry that machine might get to see the
password to itself.

You misunderstood. The remote machine can see *any* clipboard entries, 
even if I do something entirely different in a completely different 
application. I am browsing or using SSH and paste my password there, 
because the FF password manager failed, or I'm in a word processor or 
email app and write some document, which is entirely unrelated to the 
VNC session. I haven't looked at the VNC host since hours (but I have it 
constantly open for tasks that I need to do with untrusted software in a 

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]