I have 2 different partial implimentations on this topic. The first, which requires admin privliges, is able to connect to a remote machine and dump the current users password. It could also dump the current machine password with the addition of 2 or 3 lines of code. The encrypt and decrypt functions work so it wouldn't be very hard to go the other way. The second, I simply wrapped the encrypt and decrypt functions into an ATL dll. It is usefull for decoding / encoding the value into VB, however it is stored as a binary value in the registry so I think you might have to do a little fudging on the VB side.
I know the first works on my NT 4.0 Wks and shouldn't have any problems on 2000. I haven't even dared to begin exploring XP. If you have any interests, I'll be back on Monday. Jacob -----Original Message----- From: Alex K. Angelopoulos [mailto:[EMAIL PROTECTED]] Sent: Friday, April 19, 2002 3:35 PM To: [EMAIL PROTECTED] Subject: Re: vncpasswd for Windows Windows NT, 2000, and XP, so it sounds like a good match. What I was thinking of originally was simply getting raw output - I can easily pipeline that via WMI or a control so that it could be written to remote registries on the same LAN. If you have *that* end of it worked out it would be unbelievable. If you're just set for local access, that demotes it to merely "fantastic!" ;-) ----- Original Message ----- From: "Jacob Hoover" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, 2002-04-19 13:42 Subject: RE: vncpasswd for Windows > What OS's are you running on? I may be able to help you. I took the vnc > password source and put it into a separate app with registry access. It > allows you to read and write passwords on the local and remote machines. > However, I have only tested it on NT 4.0 -> NT 4.0 scenario's. > > Jacob > > -----Original Message----- > From: Alex K. Angelopoulos [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 19, 2002 12:51 PM > To: [EMAIL PROTECTED] > Subject: Re: vncpasswd for Windows > > > I hadn't thought about that, but the decryption mechanism I have works from > the > registry value, not the transmitted text - it's just the same thing as the > internal check VNC does to compare the password in the registry to what it > has > received. What I'm after, though, is to encrypt a text password so that it > can > be put into the registry on the fly. > > Currently it's a pain in the rear to do batch updates to Windows VNC server > passwords since you have to set up the password on the system, then export > it to > a plain-text REG file. Even worse, you then have the text representation of > the > binary password sitting in a file somewhere - and someone else can easily > come > along and decrypt it. > > > > > ----- Original Message ----- > From: "Sharma, Shashi" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, 2002-04-19 11:50 > Subject: RE: vncpasswd for Windows > > > > I dont think you can get the cleartext from the password. > > The file which does the job of authenticating is d3des.c file in the > source > > code. > > > > The way it works on the vnc is > > server sends a challenge to client ->16 bytes > > client reads the challenget and then encyrpt it with the password > > and send back the response. > > Server knows the challenge it sent and then compare it with what it > expects > > > > > > > > -----Original Message----- > > From: Alex K. Angelopoulos [mailto:[EMAIL PROTECTED]] > > Sent: Friday, April 19, 2002 9:06 AM > > To: VNC Mailing List > > Subject: vncpasswd for Windows > > > > > > I asked about this over the weekend and didn't get a response at the time > > (it > > *is* an oddball question). > > > > I'm looking for some info on implementing an equivalent of the Unix > > vncpasswd on > > Windows. I can't seem to port the Unix version very easily, even with > > substantial changes, probably due to my limited knowledge of C/C++. I'm a > > little > > curious about the actual algorithm used for the DES3 encryption; I have > also > > found a *decryption* scheme which works on Windows, but I am having issues > > with > > un-reversing it and would find it much easier if anyone can point out some > > basic > > info on how the encryption process is done. > > --------------------------------------------------------------------- > > To unsubscribe, mail [EMAIL PROTECTED] with the line: > > 'unsubscribe vnc-list' in the message BODY > > See also: http://www.uk.research.att.com/vnc/intouch.html > > --------------------------------------------------------------------- > > --------------------------------------------------------------------- > > To unsubscribe, mail [EMAIL PROTECTED] with the line: > > 'unsubscribe vnc-list' in the message BODY > > See also: http://www.uk.research.att.com/vnc/intouch.html > > --------------------------------------------------------------------- > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
