Sha256: 63824ce1b8d046a1c44575bf18a14f9c1a0a33adc3c68b9f22d3db4e7f892f42
Contents?: true
Size: 1.59 KB
Versions: 3
Compression:
Stored size: 1.59 KB
Contents
## # $Id: $ ## ## # # RFB protocol support # # by Joshua J. Drake <jduck> # # Based on: # vnc_auth_none contributed by Matteo Cantoni <goony[at]nothink.org> # vnc_auth_login contributed by carstein <carstein.sec[at]gmail.com> # ## # Required for VNC authentication require 'openssl' module Rex module Proto module RFB ## # A bit of information about the DES algorithm was found here: # http://www.vidarholen.net/contents/junk/vnc.html # # In addition, VNC uses two individual 8 byte block encryptions rather than # using any block mode (like cbc, ecb, etc). ## class Cipher def self.mangle_password(password) key = '' key = password.dup if password key.slice!(8,key.length) if key.length > 8 key << "\x00" * (8 - key.length) if key.length < 8 # We have to mangle the key so the LSB are kept vs the MSB [key.unpack('B*').first.scan(/.{8}/).map! { |e| e.reverse }.join].pack('B*') end def self.encrypt(plain, password) key = self.mangle_password(password) # VNC auth does two 8-byte blocks individually instead supporting some block mode cipher = '' 2.times { |x| c = OpenSSL::Cipher::Cipher.new('des') c.encrypt c.key = key cipher << c.update(plain[x*8, 8]) } cipher end # # NOTE: The default password is that of winvnc/etc which is used for # encrypting the password(s) on disk/in registry. # def self.decrypt(cipher, password = "\x17\x52\x6b\x06\x23\x4e\x58\x07") key = self.mangle_password(password) # NOTE: This only does one 8 byte block plain = '' c = OpenSSL::Cipher::Cipher.new('des') c.decrypt c.key = key c.update(cipher) end end end end end
Version data entries
3 entries across 3 versions & 1 rubygems
Version | Path |
---|---|
librex-0.0.12 | lib/rex/proto/rfb/cipher.rb |
librex-0.0.7 | lib/rex/proto/rfb/cipher.rb |
librex-0.0.6 | lib/rex/proto/rfb/cipher.rb |