{
	"id": "258f248c-a603-4bb2-b04b-1fe58b05b947",
	"created_at": "2026-04-06T00:13:27.217827Z",
	"updated_at": "2026-04-10T13:12:21.595552Z",
	"deleted_at": null,
	"sha1_hash": "0229525b181c03072a19171188dfc024161c0d14",
	"title": "Metasploit Unleashed | VNC Authentication",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 289488,
	"plain_text": "Metasploit Unleashed | VNC Authentication\r\nArchived: 2026-04-05 21:58:20 UTC\r\nMetasploit Auxiliary Module – VNC None Scanner | Metasploit unleashed\r\nVNC Authentication Check with the None Scanner\r\na11y.text VNC Authentication Check with the None Scanner\r\nThe VNC Authentication None Scanner is an Auxiliary Module for Metasploit. This tool will search a range of IP\r\naddresses looking for targets that are running a VNC Server without a password configured. Pretty well every\r\nadministrator worth his/her salt sets a password prior to allowing inbound connections but you never know when\r\nyou might catch a lucky break and a successful pen-test leaves no stone unturned.\r\nIn fact, once when doing a pentest, we came across a system on the target network with an open VNC installation.\r\nWhile we were documenting our findings, I noticed some activity on the system. It turns out, someone else had\r\nfound the system as well! An unauthorized user was live and active on the same system at the same time. After\r\nengaging in some social engineering with the intruder, we were informed by the user they had just got into the\r\nhttps://www.offensive-security.com/metasploit-unleashed/vnc-authentication/\r\nPage 1 of 2\n\nsystem, and came across it as they were scanning large chunks of IP addresses looking for open systems. This just\r\ndrives home the fact that intruders are in fact actively looking for this low hanging fruit, so you ignore it at your\r\nown risk.\r\nTo use the VNC Scanner, we first select the auxiliary module, define our options, then let it run.\r\nmsf auxiliary(vnc_none_auth) \u003e use auxiliary/scanner/vnc/vnc_none_auth\r\nmsf auxiliary(vnc_none_auth) \u003e show options\r\nModule options:\r\n Name Current Setting Required Description\r\n ---- --------------- -------- -----------\r\n RHOSTS yes The target address range or CIDR identifier\r\n RPORT 5900 yes The target port\r\n THREADS 1 yes The number of concurrent threads\r\nmsf auxiliary(vnc_none_auth) \u003e set RHOSTS 192.168.1.0/24\r\nRHOSTS =\u003e 192.168.1.0/24\r\nmsf auxiliary(vnc_none_auth) \u003e set THREADS 50\r\nTHREADS =\u003e 50\r\nmsf auxiliary(vnc_none_auth) \u003e run\r\n[*] 192.168.1.121:5900, VNC server protocol version : RFB 003.008\r\n[*] 192.168.1.121:5900, VNC server security types supported : None, free access!\r\n[*] Auxiliary module execution completed\r\nSource: https://www.offensive-security.com/metasploit-unleashed/vnc-authentication/\r\nhttps://www.offensive-security.com/metasploit-unleashed/vnc-authentication/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.offensive-security.com/metasploit-unleashed/vnc-authentication/"
	],
	"report_names": [
		"vnc-authentication"
	],
	"threat_actors": [],
	"ts_created_at": 1775434407,
	"ts_updated_at": 1775826741,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0229525b181c03072a19171188dfc024161c0d14.pdf",
		"text": "https://archive.orkl.eu/0229525b181c03072a19171188dfc024161c0d14.txt",
		"img": "https://archive.orkl.eu/0229525b181c03072a19171188dfc024161c0d14.jpg"
	}
}