|
Penetration Testing
mailing list archives
Re: [PEN-TEST] Decrypting VNC passwords - Tool required
From: Loki <loki.loa () SUBDIMENSION COM>
Date: Mon, 21 Aug 2000 23:56:00 -0700
I too am looking for more pen-testing tools for VNC. I am seeing a large
amount of uprising in the use of it at different companies. Its recent
widespread use has sparked my curiosity in wanting to learn more about it.
Please advise.
----------------------------------------------------------------------
Loki [LoA]
loki.loa () subdimension com
"A verse from Saint Paul stays with me. It is perhaps the strangest
passage in the Bible in which he writes: Even now in Heaven there were
angels carrying savage weapons."
----------------------------------------------------------------------
PGP Key fingerprint = 67 1D 12 BE 61 D6 63 B2 6A 8C F8 A1 80 88 1B 4
[jbrill () nasa gov]# ./crack /etc/passwd > passwd.cr
[jbrill () nasa gov]# su - root
[root () nasa gov]#
----------------------------------------------------------------------
-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of erica bernt
Sent: Monday, August 21, 2000 4:37 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Decrypting VNC passwords - Tool required
Hi Everyone,
I was doing an audit of some systems and managed to
penetrate into the NT domain. I see that VNC is
installed and so I picked up the DES encrypted
password from the registry. As per :
http://www.securiteam.com/securitynews/VNC_3_3_2_R6_uses_a_weak_password_pro
tection_mechanism.html
My specific questions to you is what tool would you
recommend to decrypt this password ? and are there any
other ways to attack VNC ?
On a more general level, what are the most formidable
remote management tools that are out there that you
have most difficulty to detect and penetrate ?
regards Erica
__________________________________________________
Do You Yahoo!?
Yahoo! Mail � Free email you can access from anywhere!
http://mail.yahoo.com/
 By Date 
By Thread
Current thread:
|
