Real VNC Server Detection 4.1
 
Plugin ID344
Plugin nameReal VNC Server Detection
Plugin filenameReal VNC Server Detection.plugin
Plugin filesize1830 bytes
Plugin familyHTTP
Plugin created namePo Naing Lin
Plugin created emailponainglin at gmail dot com
Plugin created webhttp://www.popularmyanmar.com
Plugin created companypoplarmyanmar.com
Plugin created date2007/07/24
Plugin version4.1
Plugin protocoltcp
Plugin port5800
Plugin procedure detectionopen|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/1.[0-1] ### *Server: RealVNC*
Plugin detection accuracy10
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug affectedReal VNC servers
Bug not affectedAll other web server implementations
Bug vulnerability classConfiguration
Bug descriptionAn attacker who is able to get a direct connection to the port can identify the banner of this server as REAL VNC. By this knowledge further enumerations and attacks are possible.
Bug solutionUse Password Authentication
Bug fixing time1 hour
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityLow
Bug popularity9
Bug simplicity8
Bug impact5
Bug risk4
Bug Symantec NetRecon rating39
Bug check toolsMost scanners (e.g. N-Stealth, Whisker, Nikto) and security scanners (e.g. Nessus) are able to detect the used server.

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.