Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VNC的爆破 #384

Open
qianbenhyu opened this issue Oct 16, 2024 · 4 comments
Open

VNC的爆破 #384

qianbenhyu opened this issue Oct 16, 2024 · 4 comments

Comments

@qianbenhyu
Copy link 

package Plugins

import (
	"fmt"
	"github.com/mitchellh/go-vnc"
	"github.com/shadow1ng/fscan/common"
	"net"
	"time"
)

func checkvnc(info *common.HostInfo) (err error) {
	//var connected bool
	Host, Port := info.Host, info.Ports
	addr := fmt.Sprintf("%s:%s", Host, Port)
	_, err = net.DialTimeout("tcp", addr, 3*time.Second)
	if err != nil {
		errlog := fmt.Sprintf("[-] VNC %v:%v %v", info.Host, info.Ports, err)
		common.LogError(errlog)
		//defer conn.Close()
		return err
	}
	
	for _, pass := range common.VNCPasswords {
		config := &vnc.ClientConfig{
			Auth: []vnc.ClientAuth{
				&vnc.PasswordAuth{
					Password: pass,
				},
			},
		}

		addr := fmt.Sprintf("%s:%s", Host, Port)
		conn, err := net.DialTimeout("tcp", addr, 5*time.Second)
		if err != nil {
			continue
		}
		defer conn.Close()

		client, err := vnc.Client(conn, config)
		if err != nil {
			continue
		}
		defer client.Close()

		result := fmt.Sprintf("[+] VNC %v:%v  password: %v", Host, Port, pass)
		common.LogSuccess(result)
		//connected = true
		break // 成功连接后退出循环
	}
	
	return err
}
@qianbenhyu
Copy link
Author

我实测有个问题是,vnc在错几次之后就提示too many failures,我觉得可以在config.go定义个VNC的字典,不用爆破太多

@shadow1ng
Copy link
Owner

师傅用的是哪个docker 测试的嘛

1 similar comment
@shadow1ng
Copy link
Owner

师傅用的是哪个docker 测试的嘛

@qianbenhyu
Copy link
Author

师傅用的是哪个docker 测试的嘛

我kali起的一个vnc

  1. vncpasswd
  2. tightvncserver :1 -geometry 1024x768 -depth 24

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@qianbenhyu @shadow1ng