UltraVNC 1.2.0.5 test - Download links

[Rudi De Vos]

corrected and reuploaded, there was an extra " in the filename...

[Rudi De Vos]

viewer
modified viewer so encrypted vnc passwd is also saved in .vnc file if plugin is selected, current this was set to 00000000

http://www.uvnc.eu/download/1205/vncviewer_test1.zip

[Nick_od]

corrected and reuploaded, there was an extra " in the filename...

test
Install Service - work OK
Uninstall Service - work OK
Start Service - work OK
Stop Service - work OK

[Nick_od]

viewer
modified viewer so encrypted vnc passwd is also saved in .vnc file if plugin is selected, current this was set to 00000000

http://www.uvnc.eu/download/1205/vncviewer_test1.zip

test fail
Set a password on the server "123456789" in the UltraVNC.ini file value DSMPluginConfig = SecureVNC; 0; 0x00104001; MTIzNDU2Nzg5
Connect to the server and then save connection in ***.vnc file

value in ***.vnc file is saved password = f0e432e373
when trying to connect using ***.vnc file
a popup says "authentication rejected"

just trying to save the password = 123456789 in ***.vnc file
tried to connect and nothing happened popup windows "VNC Authentication enter password"

[Rudi De Vos]

Are you using a vnc or dsm passwd

I tested it with plugin and vnc passwd
DSMPluginConfig = SecureVNC
password = f0e42e373

connect viewer, save as , select yes for passwd
test via -config or dblclick when association is installed
vncviewer -config saved_file.vnc

[Nick_od]

Are you using a vnc or dsm passwd

i using (dsm passwd)
DSMPlugin=SecureVNCPlugin.dsm
and key
Viewer_ClientAuth.pkey
Server_ClientAuth.pubkey

[Rudi De Vos]

Tested with
vncviewer.exe (64bit)
SecureVNCPlugin64.dsm
20141208_Viewer_ClientAuth.pkey
In the vnc folder
password=12345678

Configured the server (32bit)
ultravnc.ini

Code: Select all

DSMPluginConfig=SecureVNC;0;0x00104001;
passwd=F0E43164F6C2E37377

winvnc.exe
20141208_Server_ClientAuth.pubkey

Server started as service and tested manual
After connection I created the
LOCALHOST-5900.vnc (save info as...this is a viewer option)

Code: Select all

password=f0e43164f6c2e373  (This is the same as the serversite without the 2 last digits, auto saved with save info as)
DSMPlugin=SecureVNCPlugin64.dsm

Connect without asking a password

Seems to work without problems...
Try also without default (viewer button to erase)

What does not work is using a passphrase, this is handled by the plugin and can not be saved.
vnc passwd + key works

The viewer error was that password=0000000 was not saved.
Manual setting the passwd ( serverpassword - 2 latest digits ) also work with old viewers

[Nick_od]

i use passphrase in DSMPlugin=SecureVNCPlugin.dsm "Config"
and key
Viewer_ClientAuth.pkey
Server_ClientAuth.pubkey

Code: Select all

[admin]
UseRegistry=0
MSLogonRequired=0
NewMSLogon=0
DebugMode=0
Avilog=0
path=C:\Program Files\UltraVNC
kickrdp=0
service_commandline=-autoreconnect ID:999999 -connect my.repeater::port
DebugLevel=10
DisableTrayIcon=0
LoopbackOnly=0
UseDSMPlugin=1
AllowLoopback=1
AuthRequired=1
ConnectPriority=0
DSMPlugin=SecureVNCPlugin.dsm
AuthHosts=
AllowShutdown=1
AllowProperties=1
AllowEditClients=1
FileTransferEnabled=1
FTUserImpersonation=1
BlankMonitorEnabled=1
BlankInputsOnly=0
DefaultScale=1
SocketConnect=0
HTTPConnect=0
AutoPortSelect=0
PortNumber=5900
HTTPPortNumber=5800
IdleTimeout=0
IdleInputTimeout=0
RemoveWallpaper=0
RemoveAero=0
QuerySetting=2
QueryTimeout=10
QueryAccept=0
QueryIfNoLogon=0
primary=1
secondary=1
InputsEnabled=1
LockSetting=0
LocalInputsDisabled=0
EnableJapInput=0
FileTransferTimeout=1
clearconsole=0
accept_reject_mesg=
KeepAliveInterval=5
DSMPluginConfig=SecureVNC;0;0x00104001;MTIzNDU2Nzg5
[UltraVNC]
passwd=000000000000000000
passwd2=000000000000000000
[poll]
TurboMode=1
PollUnderCursor=0
PollForeground=0
PollFullScreen=1
OnlyPollConsole=0
OnlyPollOnEvent=0
EnableDriver=0
EnableHook=1
EnableVirtual=0
SingleWindow=0
SingleWindowName=
MaxCpu=40
[Permissions]
[admin_auth]
group1=
group2=
group3=
locdom1=0
locdom2=0
locdom3=0

i not use VNC password

as far as I could understand
what this "passphrase" is not saved in the file "***.vnc" ?

[Rudi De Vos]

You use a key that act as a 2014bit password and encryption key and a seperate big passphrase password...but want to save the big password to file.

From security point...
If someone steal your key he now also have the password.
If you save the password in a file together with the key , you can also use a vnc passwd. It is not more or less secure.

[Nick_od]

you want to offer me the to use SecureVNCPlugin.dsm keys (Viewer_ClientAuth.pkey & Server_ClientAuth.pubkey)

and instead of a password DSMPlugin (passphrase) password vnc to 8 characters, and the only way to use the vnc file with a password that would not have to type it when you connect?

it will be as well as secure way if I used a password DSMPlugin (passphrase 9 characters) ?

[Rudi De Vos]

Let's make it clear

Encryption + vnc password ( key is exchanged, so password is needed)
Encryption with key + vnc passwd ( you need to enter the vnc passwd, but from security point the password isn't realy needed as the key already act as password)
Encryption + plugin passwd ( password is needed, key is exchanged)
Encription with key + plugin passwd ( you need to enter the passwd, but from security point the password isn't realy needed as the key already act as password)

A password + key could be usefull: when you put all keys on a usb stick and you loose the usb key, people still need to know the passwd, A dubble protection.
To have this protection password should not be saved in the ini files

[Nick_od]

Encription with key + plugin passwd (passphrase)
I chose this method because :
http://adamwalling.com/SecureVNC/

It is highly recommended to choose a passphrase. This will override the UltraVNC password, which due to a historic design limitation in VNC is limited to 8 characters. The passphrase override allows you to use up to 128 characters. This passphrase is used to encrypt the handshake and effectively prevents man-in-the-middle attacks. The key is generated from the passphrase along a salt by using 4,096 rounds with the PKCS#5 PBKDF2 HMAC SHA1 key derivation algorithm.

read it decided that it will be safer.
I have a lot of computers and everyone has their own individual password "passphrase" 9 characters + keys
so I wanted to ask whether it is possible to make a file "***.vnc" which will contain the password ("passphrase" 9 characters) and it will automatically be inserted

but if this is not possible then I will work as before without the file "***.vnc"
Thanks for explaining

[Rudi De Vos]

Adam is correct, vnc is only 8 chars and not safe....so you can use a bigger passwd or a predefined key.
Saving a passphrase is not possible, this is done insite the plugin and would require a plugin change...sorry.