Damn Vulnerable Windows XP: Lesson 4: How to setup the RealVNC Weak Password Exploit
ComputerSecurityStudent (CSS) [Login] [Join Now]




|WINDOWS >> Damn Vulnerable Windows >> WXP-SP2 IE6 >> Current Page |Views: 15369

(Damn Vulnerable Windows XP: Lesson 4)

{ How to setup the RealVNC Weak Password Exploit }


Section 0. Background Information
  1. What is Damn Vulnerable Windows XP?
    • This is a Windows XP Virtual Machine that provides a practice environment to conduct ethical penetration testing, vulnerability assessment, exploitation and forensics investigation.
    • The Microsoft Software License Terms for the IE VMs are included in the release notes.
    • By downloading and using this software, you agree to these license terms.

  2. What is the RealVNC?
    • RealVNC is a company that provides remote access software. The software consists of a server and client application for the Virtual Network Computing (VNC) protocol to control another computer's screen remotely.
    • https://www.realvnc.com/

  3. What is the RealVNC Weak Password Exploit?
    • The CVE Vulnerability number is CVE-1999-0506.  The vulnerability  is where a Windows NT domain user or administrator account has a default, null, blank, missing password, or easy to guess password.

  4. Implementing the CVE-2011-0609 with RealVNC
    • The following lesson will show you how to configure RealVNC with a weak password.

  5. Pre-Requisite
  6. Post-Requisite
  7. Lab Notes
    • In this lab we will do the following:
      1. Download vnc_4_1_3-x86_win32.exe
      2. Install vnc_4_1_3-x86_win32.exe
      3. Configure RealVNC with weak password
     
  8. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2015 No content replication of any kind is allowed without express written permission.

 

Section 1: Log into Damn Vulnerable WXP-SP2
  1. Open VMware Player on your windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player

     

  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Edit Virtual Machine Settings
    • Note:
      • Before beginning a lesson it is necessary to check the following VM settings.

     

  3. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button "Bridged: Connected directly to the physical network".
      3. Click the OK Button

     

  4. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Start Up your VMware Player
      2. Play virtual machine

     

  5. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Click on Administrator
      2. Password: Supply Password
        •  (See Note)
      3. Press <Enter> or Click the Arrow
    • Note(FYI):
      1. Password was created in (Lab 1, Section 1, Step 8)

     

  6. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt

     

  7. Obtain Damn Vulnerable WXP-SP2's IP Address
    • Instructions:
      1. ipconfig
      2. Record Your IP Address
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.116.
      • This is the IP Address of the Victim Machine.

 

Section 2: Install Adobe Flash 10.2.152.26
  1. Open Firefox
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Mozilla Firefox

     

  2. Download VNC 4.1.3 (Part 1)
    • Instructions:
      1. Navigate to the following URL
        • https://archive.realvnc.com/download/get/775/
      2. Click the Save File Radio Button

     

  3. Download VNC 4.1.3 (Part 2)
    • Instructions:
      1. Navigate to Desktop --> My Documents --> Downloads
      2. Click the Save Button

     

  4. Open Download Folder
    • Instructions:
      1. Tools --> Downloads
      2. Right Click on vnc_4_1_3-x86_win32.exe
      3. Click on Open Containing Folder

     

  5. Open vnc_4_1_3-x86_win32.exe
    • Instructions:
      1. Right Click on vnc_4_1_3-x86_win32.exe
      2. Click Open

     

  6. Open File - Security Warning
    • Instructions:
      1. Click the Run Button

     

  7. Setup - VNC
    • Instructions:
      1. Click the Next Button

     

  8. Setup - VNC (License Agreement)
    • Instructions:
      1. Click the I accept the agreement radio button
      2. Click the Next Button

     

  9. Setup - VNC (Select Destination Location)
    • Instructions:
      1. Take the default location
        • C:\Program Files\RealVNC\VNC4
      2. Click the Next Button

     

  10. Setup - VNC (Select Components)
    • Instructions:
      1. Select Full installation
      2. Check both VNC Server and VNC Viewer
      3. Click the Next Button

     

  11. Setup - VNC (Select Start Menu Folder)
    • Instructions:
      1. Take the Default
        • RealVNC
      2. Click the Next Button

     

  12. Setup - VNC (Select Additional Tasks)
    • Instructions:
      1. Check Register and configure VNC Server for Service-Mode
      2. Check Start the VNC Server in Service-Mode
      3. Click the Next Button

     

  13. Setup - VNC (Select Additional Tasks)
    • Instructions:
      1. Click the Install Button

     

  14. VNC Server Properties (Configure)
    • Instructions:
      1. Click the Authentication Tab
      2. Click the VNC Password Authentication radio button
      3. Click the Configure Button

     

  15. VNC Server Properties (Set Weak Password)
    • Instructions:
      1. New Password: abc123
      2. Confirm Password: abc123
      3. Click the OK Button
      4. Click the OK Button

     

  16. Setup - VNC (Information)
    • Instructions:
      1. Click the Next Button

     

  17. Setup - VNC (Finish)
    • Instructions:
      1. Click the Finish Button

     

Section 3: Proof of Lab
  1. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt

     

  2. Proof of Lab
    • Instructions:
      1. dir "C:\Program Files" | find /i "vnc"
      2. date /t
      3. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> key at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth