Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

VNC Brute Force Login

Information

Severity

Severity

Critical

Family

Family

Brute force attacks

CVSSv2 Base

CVSSv2 Base

9.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:P/A:P

Solution Type

Solution Type

Mitigation

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

Try to log in with given passwords via VNC protocol.

Insight

Insight

This script tries to authenticate to a VNC server with the passwords set in the password preference. It will also test and report if no authentication / password is required at all. Note: Some VNC servers have a blacklisting scheme that blocks IP addresses after five unsuccessful connection attempts for a period of time. The script will abort the brute force attack if it encounters that it gets blocked. Note as well that passwords can be max. 8 characters long.

Solution

Solution

Change the password to something hard to guess or enable password protection at all.