Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Network security altering repeater protocol

Developers may discuss here
Post Reply
harry999
Posts: 1
Joined: 2024-04-14 20:50

Network security altering repeater protocol

Post by harry999 »

When connecting the viewer to the repeater, the repeater sends a message with "RFB 000.000" as the protocol version. After reviewing the code, I cannot see why this might be critical for the connection between the repeater and the viewer. With a small patch to the repeater and the viewer, the repeater could basically send any protocol version for the viewer to accept the connection. This works since the viewer is aware that it connects to the repeater anyway.
I have a client who operates a network security system that detects the above mentioned message, raises an alert, and terminates the connection between the client and the repeater. Therefore, I would like to operate a patched version. Other viewers would not be able to connect if they expect the message with the invalid RFB protocol version. Are there any other collateral issues to be expected? Is there a deeper reasoning behind the special RFB message?
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6867
Joined: 2004-04-23 10:21
Contact:

Re: Network security altering repeater protocol

Post by Rudi De Vos »

server/viewer negotiate supported options, one parameter is the version.
Using a repeater you need to temp set a version and send the correct later.

The repeater doesn't know the version until the other part connect, but the server/viewer expect the version else it disconnect.
A 0 version just indicate that's a repeater connection.
Post Reply