|
-
April 22nd, 2004, 08:59 PM
#1
Password Bug in RealVNC 3.3.7
While tracking down other horrible things I stumbled on a bug that I think others should know about (if you don't know already).
ISSUE:
==============================================
VNC Server cuts off passwords during auth at 8 characters. So, if you set a 24 char password, all I have to do is guess the first 8 and I own your server.
VERSION INFO:
==============================================
RealVNC 3.3.7
PLATFORMS TESTED:
==============================================
All Win32
I'll report this to the fine folks at RealVNC, but I threw it up here first...
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
April 22nd, 2004, 11:48 PM
#2
Member
Does this go for TightVNC as well?
-
April 23rd, 2004, 01:12 AM
#3
I've only tried this on RealVNC. I don't use TightVNC.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
April 23rd, 2004, 01:42 AM
#4
to add insult to injury go to HKEY_CURRENT_USER\software\orl\winvnc\password
or HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\Default
very easy to de-crypt
im sure they know its been this way for some time
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
April 23rd, 2004, 01:47 AM
#5
Junior Member
That is why you run it through SSH.
-
April 23rd, 2004, 05:19 AM
#6
VNC should where possible be tunneled via SSH using keypair auth. Unfortunately it's not always practical to do so, so you may have to settle for allowing logins from a restricted IP range. 
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
April 23rd, 2004, 11:03 AM
#7
Yeah, I typically use stunnel for all of my needs (on W32 machines). Otherwise, SSH is the only way I fly. In this case, I found the problem on another group's server. The apes seem incapable of getting stunnel setup so they run VNC outright.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote