Well,documentation...
For the moment, I will put here just the stuff from usage() and some comments:
Online: ./vncrack -h target.host.com -w wordlist.txt [-opt's] Passwd: ./vncrack -C /home/some/user/.vnc/passwd Windows interactive mode: ./vncrack -W enter hex key one byte per line - find it in \HKEY_CURRENT_USER\Software\ORL\WinVNC3\Password or \HKEY_USERS\.DEFAULT\Software\ORL\WinVNC3\Password Options for online mode: -v verbose -d N Sleep N nanoseconds between each try -D N Sleep N seconds between each try -a Just a funny thing -p P connect to port P instead of 5900 -s N Sleep N seconds in case connect() failed -R N Wait N seconds when you got blocked Options for challange/response intercepted by PHoss: -cCopy and paste from PHoss -r Copy and paste from PHoss
In Windoze interactive mode, you are prompted for 8 lines of 2-digit hex data. This looks like this:
2F 98 1D C5 48 E0 9E C2You may use 'echo -e "AF\nFE\n..."' for this task and pipe it in VNCrack. It is the stuff you find in the registry keys.
Version stuff: This proggy replys to the server's version message with bouncing back the same one. But I suspect this program will not work with major versions greater then 3.3.