bruteforce against vnc...

Quote:

---

That is what it stands for

---

You said it stood for point of concept in an earlier post - make your mind up dood.

Quote:

---

the point of the term people can release code to exploit software and claim it to be for educational purposes only

---

Not really oofki, like I said:

Quote:

---

if you don't understand the acronym, then don't use it or involve yourself in conversations about it

---

PoC has nothing to do with the code being for educational purposes, malicious purposes or downright illegal purposes. The clue is in the words Proof of Concept

Loosely speaking if you are proving a concept it means you are tyring to do something that no one has done before, as otherwise the concept would have already been proven. Therefore if I release a program that preforms a VNC dictionary attack I am not proving any concept (other than if my code works but that is using PoC in a different context), as someone has already proven this concept a long time ago.

In very general terms - If I find a flaw that can be exploited in VNC that no one else knows about or has discovered before, that I have could have a PoC exploit. If I then code an app that exploits this bug then I will have released a PoC attack - if 5 years later someone releases a program that does they same thing for educational purposes, then this is not a PoC attack as I would have already proven the concept 5 years previously.

So my original point which went over your head and does not even seem relevant anymore, was that the OP can't release a PoC attack that preforms a dictionary attack against VNC.

Quote:

---

Originally Posted by Nokia

A rule of thumb I have always found useful is that if you don't understand the acronym, then don't use it or involve yourself in conversations about it....and if you don't like acronyms then it's best not to work in IT....

---

Now, now Nokia:

Don't you know it's Extremely l337 to use acronyms?

My favorites are MGD, THC, LSD, and HCl (for the enemies)

/tangent

I love acronyms

Some of my favs


Lart
Dilligaf
RTFM

MLF

The LART manual page.

Written by Tim Bandy < timn8r[at]risk.cs.umn.edu >


LART(1M) MISC. REFERENCE MANUAL PAGES LART(1M) NAME lart - Luser Attitude Readjustment Tool - use a lart to adjust lusers' attitudes
SYNOPSIS lart [ -use tool ] [ -bBfFgklp ] <lusername>

DESCRIPTION lart adjusts the attitudes of those pesky, clueless people who rely upon their admins for everything from picking their mice off of the floor to turning on their monitors; namely, the luser(8). Running lart with the appropriate arguments will cause the specified luser to run away screaming in agony. Alternatively, you can make the luser buy you a beer, after killing all of their processes.

OPTIONS -use tool Choose your weapon. If this option is not specified, the enviroment variable LART is used. If neither is set, a default value will be used, which is set at compile time

-b Used to increase the size of your lart

-B The BOFH option. Removes a users files and kills all their processes. If used in conjunction with -p this will also cause syslog to make entries proving that <lusername> was the second gunman behind the grassy knoll

-f Only fake luser's attitude readjustment session. Provided primarily for testing purposes. Mutually exclusive with -B

-F fsck <lusername> as a raw device. Note that this option has not been tested, as it is rather difficult to find volunteers

-g Graphic violence. Uses curses to monitor <lusername> during the beating.

-k Kill. A rather permanent option, and as such is not highly recommended. Can only be invoked once per <lusername>

-p See -B
SEE ALSO sysadmin(1), guru(8), luser(8)