CVE-2006-2369

This repository contains a functional Python exploit for CVE-2006-2369, an authentication bypass vulnerability in RealVNC. The exploit implements both proxy and screenshot modes, leveraging the RFB protocol to bypass authentication by forcing security type 1 (None).

This Metasploit auxiliary module scans for VNC servers that support the 'None' authentication method, which can allow unauthorized access. It performs a handshake and checks the supported security types, reporting if 'None' is included.

This exploit bypasses authentication in RealVNC Server 4.1.0 and 4.1.1 by performing a man-in-the-middle attack on the VNC authentication process, allowing unauthorized access. It sets up a proxy listener to facilitate the attack.

This patch modifies the VNC client's authentication process to bypass security by forcing the security type to 'None'. It exploits CVE-2006-2369, a vulnerability in VNC's authentication mechanism.

This exploit bypasses authentication in RealVNC 4.1 by acting as a proxy between a VNC client and server, forcing NULL authentication. It manipulates the VNC protocol handshake to grant unauthorized access.

This exploit bypasses authentication in RealVNC 4.1.0 and 4.1.1 by proxying connections between a vulnerable VNC server and a local VNC viewer, effectively granting unauthorized access. It requires the attacker to have vncviewer installed and listens on a local port to facilitate the connection.

This Metasploit module exploits an authentication bypass vulnerability in RealVNC Server versions 4.1.0 and 4.1.1 by acting as a man-in-the-middle proxy, allowing unauthorized access to the VNC server. It intercepts and manipulates the authentication process to bypass security checks.