6-24 exploit-vnc password cracking

Introduction to VNC

VNC (Virtual Network Console) is the abbreviation of Virtual Network Console.It is an excellent remote control tool software developed by the famous AT&T European research laboratory.It is mainly used for visual control, similar to the remote desktop. The ssh and rlogin we have contacted before are the control terminals of the command line, but VNC is a little different from the remote desktop. The remote desktop is open to 3389, while the VNC server is open.By default it runs on port 5900

nmap 192.168.1.105

Port 5900 is usually open to the VNC server

Detect target VNC

Use nmap -sV -p 5900 IP address to probe the target VNC version information.

nmap -sV -p 5900 192.168.1.105

msf crack VNC password

See if there is a weak password to log in. After logging in, we can visually operate our system through the channel connecting the VNC client to the server

The vnc_login module can be used to crack the VNC server authentication username and password under msf

msfconsoleuse auxiliary/scanner/vnc/vnc_loginshow options

set rhosts 192.168.42.137run

Crack result: username is empty, password is password

vnc client login

Under windows, install the vnc viewer client software to connect to the VNC server. There is also a corresponding version under linux. You can download the vnc viewer on the Internet

After we log in with VNC, we are a user with root privileges, and we can perform arbitrary operations here

If VNC is so simple to be cracked, VNC will be used by more people, making it simple to execute commands, perform visual operations, and operate on our server, which is very dangerous and has security risksYes, in order to prevent this from happening, we can set the password verification corresponding to VNC. Its password is very complicated. At this time, we cannot crack it and monitor it in real time

Limit the number of logins and the threshold to make VNC more secure. At the same time, you can also set up a firewall to prevent other IPs from logging in. VNC can only log in with a fixed IP, which ensures VNC to a large extent.Service security, and server security