Thursday, November 6, 2008

Perl script for vncpasswd

VNCpasswd is a program used by vncserver's to set the authentication cookie (what we call a password) using the rfbauthentication protocol. The main reason why you want to specify a password file for a VNC server connection is really because you don't want anybody else to be able to connect to the VNC port and have access to control your screen.

But the problem with VNCpasswd is that it requires users to input by prompt and I would like to automate this process of password encryption using VNCpasswd. How do we do it then? We have to create a perl script wrapper around the xvnc.

VNCpasswd itself was written using C++. I downloaded the source codes of VNCpasswd using the following command:

apt-get source xvnc4viewer

Basically, inside the unix/ folder, you can find all source codes for vncpasswd, vncviewer, vnconnect etc. Looking into vncpasswd, you will realise vncpasswd use a few common functions inside the common/rfb folder, namely 'd3des.c' and 'Password.cxx'. Looking into the codes of Password.cxx, you will realise that the vncpasswd basically uses DES with a plain text key of {23, 82, 107, 6, 35, 78, 88, 7}.

Logically, I thought that it was easy to do so. And I should be able to to technically perform the same operation using the built-in Perl DES library. My code for this were as follows:

#!/usr/bin/perl
use Crypt::DES;
my $key = pack ('C8', 23,82,107,6,35,78,88,7);
my $cipher = Crypt::DES->new ($key);
$ciphertext = $cipher-$gt;encrypt('password');
$plaintext = $cipher-$gt;decrypt($ciphertext);
print "$plaintext is encrypted to become $ciphertext";

Simple enough, but the above codes didn't somehow match the codes that were given when i simply executte `vncpasswd password`. After much playing around, I decided to drop this approach. I am not sure if vncpasswd uses triple DES instead, either that or they created their own version of DES with slight differences.

Anyhow, I moved on and found that x11vnc actually allows you to create password using the -storepasswd option. In the following format:
x11vnc -storepassword

Viola! Problem 'technically' solved. Well, I can't create a wrapper for this. But since x11vnc solves my problem, why should I bother writting another perl script that performs the same functions? I rather spend my time optimizing my codes..
Posted by at
Labels: , , , ,

1 comment:

Gringo Suave said...

Glad you got thru it. If you are curious you might wanna take a look at my solution in Python.

October 15, 2010 at 7:21 PM

Post a Comment

Subscribe to: Post Comments (Atom)