VNCcrack 2.1 2008-11-07 This is a program, licensed under the GNU GPL v2, which can scan a pcap file (as generated by tcpdump and many other tools) for any VNC authentication sessions and attempt to crack them against a wordlist. It has been tested sucessfully to descrypt the authentication session between TightVNC 1.3.9 running between a Gentoo Linux/amd64 client and a Windows XP/x86 server. VNCcrack requires the following libraries be installed: pcap - http://www.tcpdump.org/ Botan - http://botan.randombit.net/ Many Linux and BSD distributions ship one or both of these libraries. For instance on Debian $ apt-get install libbotan1.7 libpcap0.8 Usage is $ ./vnccrack dump.pcap wordlist where wordlist is a file containing potential passwords. This parameter can also be the single character '-', meaning potential passwords should be read from standard input. This is useful for external password generators such as John the Ripper; which could be used like so: $ john -i -stdout:8 | ./vnccrack dump.pcap -