Jump to content
Wubi

Attacking VNC Servers

Recommended Posts

Often in infrastructure penetration tests especially in large organizations you might come across with the VNC service.The main use of this service is because systems administrators want to remotely control other systems or for technical support issues in the users desktops.So when a penetration tester discovers a VNC server running on port 5900 then it is a good practice to check if he could gain access to the system from that service by checking for weak passwords.In this tutorial we will see how we can attack a VNC server.

So lets say that we have discover a VNC service running on port 5900 through our nmap scan.

5.jpeg

[VNC Service Discovery]

Now we can use the metasploit framework in order to attack this service.The module that we will need is the vnc_login.Unfortunately metasploit doesn’t provide a big word-list for this module so we might want to use an alternative word-list in order our attack to have more efficiency.So we are configuring the module and we are executing it with the run command.

7.jpeg

[VNC Authentication Scanner]

As we can see from the image above the vnc scanner has managed to authenticate with the password admin.So now we can use the VNC viewer in order to authenticate with the remote host and to start the post exploitation activities.

Conclusion

VNC is a service that it can be seen quite often in networks.As we saw the metasploit module is simple and effective and it can be used for testing this service.Metasploit offers of course and other modules that can exploit VNC vulnerabilities but in order to use these modules it is advisable first to be in contact with the client that the penetration test is performed.

Sursa Penetration Testing Lab

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...