Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Reverse connection & hashed passwords

Should you have problems with the DSM plugin, here's the place to look for help or report issues
Post Reply
jamesthejust
Posts: 6
Joined: 2006-06-05 09:26

Reverse connection & hashed passwords

Post by jamesthejust »

Great piece of software! Thanks for all the hard work.

Situation:

Server using reverse connection with DSM plugin enabled, no rc4.key provided. Automatically hashes regular VNC password into a key. <-- THIS WORKS

Viewer in listen mode with DSM plugin & no rc4.key. Viewer doesn't support '-password xyz' command in listen mode, doesn't hash password into a key and therefore doesn't connect. <-- THIS DOESN'T WORK

How do I make this work?

I'm automating VNC & want the users at each end (server & viewer) to enter the same (simple) password (which can change each session). This password is then hashed into an encryption key.

Help much appreciated!
Last edited by jamesthejust on 2009-08-02 23:24, edited 1 time in total.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6863
Joined: 2004-04-23 10:21
Contact:

Re: Reverse connection & hashed passwords

Post by Rudi De Vos »

In reverse connection mode, dsm on viewer site ask passwd via popup.
jamesthejust
Posts: 6
Joined: 2006-06-05 09:26

Re: Reverse connection & hashed passwords

Post by jamesthejust »

Rudi De Vos wrote:In reverse connection mode, dsm on viewer site ask passwd via popup.
Ah, thanks. That does the job.

Perhaps you can help me with another query?

When I generate a password using UltraVNC's 'Edit Settings' program the hex string is 18 characters long. vncpwd, on the other hand, generates a 16-character key from the same password.

Any idea why?

Thanks.

Edit: Nevermind. After a bit of searching I've found that the last 2 characters need to be there, but are ignored. In other words, simple appending '00' to the end of the 16-character hex key does the job.

Just to confirm...

Having rc4 keys generated by passwords is secure. The raw passwords don't get transmitted over the internet. Both server & viewer independently convert their own password into an rc4 key & it's those that must match up.

Is that correct? Ta.
Last edited by jamesthejust on 2009-08-03 11:24, edited 1 time in total.
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Re: Reverse connection & hashed passwords

Post by redge »

> Is that correct?
yes
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Post Reply