# 5800,5801,5900,5901 - Kupima Usalama wa VNC

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka mwanzo hadi mtaalamu na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalamu wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

## Taarifa Msingi

**Virtual Network Computing (VNC)** ni mfumo imara wa kushirikiana na desktop kwa kutumia **Remote Frame Buffer (RFB)** itifaki kuruhusu kudhibiti na ushirikiano wa mbali na kompyuta nyingine. Kwa VNC, watumiaji wanaweza kuingiliana kwa urahisi na kompyuta ya mbali kwa kutuma matukio ya kibodi na panya kwa pande zote. Hii inaruhusu upatikanaji wa wakati halisi na kufanikisha msaada wa mbali au ushirikiano ufanisi kupitia mtandao.

VNC kawaida hutumia bandari **5800 au 5801 au 5900 au 5901.**
```
PORT    STATE SERVICE
5900/tcp open  vnc
```
## Uchambuzi
```bash
nmap -sV --script vnc-info,realvnc-auth-bypass,vnc-title -p <PORT> <IP>
msf> use auxiliary/scanner/vnc/vnc_none_auth
```
### [**Kujaribu nguvu**](../generic-methodologies-and-resources/brute-force.md#vnc)

## Unganisha kwa vnc ukitumia Kali
```bash
vncviewer [-passwd passwd.txt] <IP>::5901
```
## Kufichua nenosiri la VNC

**Nenosiri la chaguo-msingi** limewekwa katika: \~/.vnc/passwd

Ikiwa una nenosiri la VNC na inaonekana limefichwa (baadhi ya herufi, kama vile linaweza kuwa nenosiri lililofichwa), labda limefichwa kwa 3des. Unaweza kupata nenosiri wazi kutumia [https://github.com/jeroennijhof/vncpwd](https://github.com/jeroennijhof/vncpwd)
```bash
make
vncpwd <vnc password file>
```
Unaweza kufanya hivi kwa sababu nenosiri lililotumika ndani ya 3des kwa kusimbua nywila za VNC ziligeuzwa miaka iliyopita.\
Kwa **Windows** unaweza pia kutumia chombo hiki: [https://www.raymond.cc/blog/download/did/232/](https://www.raymond.cc/blog/download/did/232/)\
Nimehifadhi chombo hapa pia kwa urahisi wa kupata:

{% file src="../.gitbook/assets/vncpwd.zip" %}

## Shodan

* `port:5900 RFB`

<details>

<summary><strong>Jifunze kuhusu kuvunja AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kuvamia kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>