Re: Need brute-force assistance

From: Sugiowono (sugiowono@datacomm.co.id)
Date: Mon Oct 30 2006 - 05:08:53 EST


Hi,

As i know there is a VNC crack tool, i never use it also.

rgds,
sg
----- Original Message -----
From: <barcajax@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Monday, October 30, 2006 10:01 AM
Subject: Need brute-force assistance

I have a machine running RDP, RealVNC and PcAnywhere.
I have successfully brute-forced RDP using TSgrinder. However, I did not
have the same success against RealVNC and PcAnywhere using Hydra.
Here is the error message I got when bruteforcing PcAnywhere.
C:\hydra-5.3-win>hydra -l Administrator -p c:\wordlist.txt -v 192.168.1.111
pcan
ywhere
[VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to
1.
Hydra v5.3 (c) 2006 by van Hauser / THC - use allowed only for legal
purposes.
Hydra (http://www.thc.org) starting at 2006-10-30 11:03:22
[DATA] 1 tasks, 1 servers, 1 login tries (l:1/p:1), ~1 tries per task
[DATA] attacking service pcanywhere on port 5631
[VERBOSE] Resolving addresses ... done
    873 [main] hydra 688 child_copy: stack write copy failed,
0x22E990..0x230000
, done 0, windows pid 2287812, Win32 error 5
    873 [main] hydra 688 child_copy: stack write copy failed,
0x22E990..0x230000
, done 0, windows pid 2287812, Win32 error 5
Error: Fork for children failed: No error
 898713 [main] hydra 688 child_copy: stack write copy failed,
0x22E990..0x230000
, done 0, windows pid 2287812, Win32 error 5
 898713 [main] hydra 688 child_copy: stack write copy failed,
0x22E990..0x230000
, done 0, windows pid 2287812, Win32 error 5
Error: Fork for children failed: No error
Error: All childrens are dead!
[INFO] Writing restore file because 1 server scans could not be completed
[VERBOSE] Writing restore file... done
The session file ./hydra.restore was written. Type "hydra -R" to resume
session.

How do I bruteforce RealVNC? It has no user correct? Would appreciate any
feedback as I got no response from THC when I sent a query. Thanks.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:15 EDT