Graham:
Heya. Let me just be sure I heard you:
> Well, see James' comment. If you can see it over the network, you can
> run regedt32 against it. IIRC, though, the password is encrypted in the
> registry anyway (And VNC does not allow blank passwords, so simply
> deleting it is out) - so you have to crack that, first.
Forgive my lack of Windoze tech-savvy here, but...is this
a feature or a bug? :) And...is regedt32 TCP based over some specific
port that my firewall should be especially cautious about? And, lastly,
is it read/write, so I could cut&paste my password's ciphertext hex
into the registry and they have my way with it?
I'm thinking that once you have the ciphertext, it's
pretty easy to plug it into a password guesser like Crack. I've
had, errr, *heard about* people having great luck guessing
passwords with it.
tia,
Scott
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
