Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

AESV2+ARC4 plugin ask VNC password reverse connection, wrong

Should you have problems with the DSM plugin, here's the place to look for help or report issues
Post Reply
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

AESV2+ARC4 plugin ask VNC password reverse connection, wrong

Post by redge »

dmsplugins below ask VNC password for reverse connection, wrong
dmsplugins below ask VNC password for normal connection with MS Logon, wrong
  • AESV2100RC1
  • ARC4Plugin100RC1
:idea: idea
remove the VNC Password hasch control for only reverse connection and MS Logon possible ? especially when MS Logon used !
that would be really appreciated.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Top
scovel
100
100
Posts: 307
Joined: 2004-07-12 11:56
Location: CT, USA
Contact:
Contact scovel

Post by scovel »

Redge,

Does the Non-Beta MSRC4 plugin act this way too? If so, you'd better run this by Sam and Rudi. The plugin really doesn't control when the password is asked for. That's UltraVNC doing that.

Sean
Top
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Post by redge »

Does the Non-Beta MSRC4 plugin act this way too?
problem never reported with this MSRC4Plugin any build

no error to report anyway for MSRC4Plugin_NoReg118.dsm
as classic connection vncviewer --> winvnc
and reverse connection winvnc --> vncviewer

Is why I'm thinking the only AESV2 and ARC4 plugin and not faulty of the winvnc dsm
because is based on VNC password hash and not happen with MSRC4

from your webpage *beta*
It adds a 128bit random SALT to your VNC password, then uses MD5 to create a 128bit hash, and uses that as the encryption key. This makes the key for each session UNIQUE. A random 128bit IV is added to the first block.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Top
scovel
100
100
Posts: 307
Joined: 2004-07-12 11:56
Location: CT, USA
Contact:
Contact scovel

Post by scovel »

Redge,

We need to break this down into some basic testing steps. The new beta plugins each can be used with a key and without a key, and normal and reverse connections. I need to be clear about what configuration you are talking about and what is going wrong. Adding MSLogin makes the possible combinations even bigger.

First, test the "Classic" plugin in forward and reverse connection without MSLogin. We'll define whatever this does as the "correct" behavior.

Next, test with the MSRC4 119 RC5 plugin. It should use the same key file, and SHOULD act exactly the same way. When it sees the keyfile it has the same behavior as the "classic" plugin, except it adds some "salt" to the key.

IF these two tests have the same result, then test the ARC4 and AESV2 plugins. Make sure to create the arc4.key and aesv2.key files, and that the client and server are finding the key file. If all that is working, do the same forward and reverse testing. It should have the same result as the "classic" MSRC4 plugin.

If all that goes well, delete all the key files. (rc4.key, arc4.key, aesv2.key) and test the forward and reverse connections again. This time the plugins will only use the password as the key since it cannot find a key file. Let me know the results.

IF all THAT goes well, then go ahead and add MSLogin into the mix.

Sean
Top
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Post by redge »

config common to all test
viewer LAN 100 Mbits/s --> WLAN 54Mbit/s server
server: xp sp2 home fr winvnc 1.01 service system + dsmplugin+key
viewer: xp sp2 pro. us vncviewer 1.0.1 + dsmplugin +key
VNC authentication


direct viewer ---> server
MSRC4 NoReg118 rc4.key => VNC password requested, OK
MSRC4 NoReg119RC5 rc4.key => VNC password requested, OK
ARC4 100RC1 arc4.key => VNC password requested, OK
AESV2 100RC1 aesv2.key => VNC password requested, OK


----------------------------------------------------------------------------------


reverse server ---> viewer listen
MSRC4NoReg118 rc4.key => VNC password NOT requested, OK
MSRC4NoReg119RC5 rc4.key => VNC password NOT requested, OK
ARC4 100RC1 arc4.key => VNC password requested, wrong, NOK
AESV2 100RC1 aesv2.key => VNC password requested, wrong, NOK


remark
AESV2 config shown ARC Plugin configuration, funny bug ! ;-)
check environment variable %msrc4pluginkey%, wrong !

ARC4 config shown ARC Plugin configuration,
check environment variable %msrc4pluginkey%, wrong !

the most problem of plugin is: path variable and misspelling
Last edited by redge on 2005-08-22 21:50, edited 1 time in total.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Top
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Post by redge »

config common to all test
viewer LAN 100 Mbits/s --> WLAN 54Mbit/s server
server: xp sp2 home fr winvnc 1.01 service system + dsmplugin without key
viewer: xp sp2 pro. us vncviewer 1.0.1 + dsmplugin without key
VNC authentication


direct viewer ---> server
MSRC4 NoReg118 no key => MSRC118 not possible without rc4.key
MSRC4 NoReg119RC5 no key => VNC password requested, OK
ARC4 100RC1 no key => VNC password requested, OK
AESV2 100RC1 no key => VNC password requested, OK


----------------------------------------------------------------------


reverse server ---> viewer listen
MSRC4NoReg118 no key => MSRC118 not possible without rc4.key
MSRC4NoReg119RC5 no key => VNC password NOT requested, OK <-- very good, mean possible to not read vnc password :-)
ARC4 100RC1 no key => VNC password requested, wrong, NOK
AESV2 100RC1 no key => VNC password requested, wrong, NOK


comment:
(there no confusion, all tests was made without any key)
MSRC4 NoReg118 only show C:\Program Files\ORL\VNC\rc4.key
instead to indicate user to put their own rc4.key to:
C:\Program Files\UltraVNC as default folder
or
better, suggest user to put their own rc4.key to local folder of vncviewer or winvnc
Last edited by redge on 2005-08-23 23:32, edited 2 times in total.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Top
scovel
100
100
Posts: 307
Joined: 2004-07-12 11:56
Location: CT, USA
Contact:
Contact scovel

Post by scovel »

Redge,

Good work. Now I just need to figure out why, and fix the bugs! :o
Top
scovel
100
100
Posts: 307
Joined: 2004-07-12 11:56
Location: CT, USA
Contact:
Contact scovel

Post by scovel »

The latest release candidates fix the problem. (8/29/2005)

If you don't use a key file then reverse connections will ask for the password. Without the password the connection cannot be encrypted and will fail.

Sean
Top
Post Reply

Return to “DSM plugin”