Hacking at work for fun and a paycheck
July 16, 2007 – 8:00 pmSo at the new job we have a few offices in different locations of country. For example, next week I’m heading to Tennessee to experience the call center application I’m working on first hand. I had just relocated one of our databases from the Michigan office to our sql server here in Minnesota and a report that a user from Michigan runs broke in the process. The user called in to report the report had to be run but she wasn’t at her system. I was told that remote desktop was disabled on these systems but the passwords I was given weren’t working properly.
After some failed attempts at remotely starting remote desktop, I started looking into ways to get into VNC. They weren’t running the older vulnerable version of so that was out of the question. After doing a bit of google searching I came across a utility called vncpwdump which allows you to dump the existing password from the registry. Unfortunately the program was only giving me a portion of the password. Instead I decided I was approaching this the wrong way. I went ahead and changed my VNC password to a temporary password and then exported the registry key.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4]
“Password”=hex:aa,aa,aa,aa,aa,aa,aa,aa
“SecurityTypes”=”VncAuth”
“ReverseSecurityTypes”=”None”
“QueryConnect”=dword:00000000
“dummy”=”"
Then using Connect Network Registry option in the registry editor, I imported my registry file to the remote system. Voila!
One Response to “Hacking at work for fun and a paycheck”
Mortal Kombat voice: “impressive.”
By Brandon on Jul 19, 2007