Hi all,
Just a brief on my setup:
I have a vncserver with ultravnc repeater running on it. Clients make a secure connection into the server externally and supporters make a secure connection to the server internally. Both Client and Supporters use a generated rc4.key file. The customer downloads the sc.exe file and takes the relevent steps to make a connection.
The question i have is that when the client downloads the sc.exe, within that self extracting zip file is the rc4.key....... Therefore all someone has to do is download the sc.exe file and they have hold of the encryption method key and key length... am i right?
I guess the question is am i able to make the self extracting exe secure? so that no-one can get access to the rc4.key file?
Regards
Dan
After more 1 000 000 (one million) views on forum for 1.5.0.x development versions... and 1.6.1.0, 1.6.3.0-dev versions
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
SC with MSRC4 Encryption Secure? The rc4.key is extractable
-
DanielHughes
- Posts: 2
- Joined: 2006-08-29 10:40
-
Rudi De Vos
- Admin & Developer
- Posts: 6970
- Joined: 2004-04-23 10:21
- Contact:
Re: SC with MSRC4 Encryption Secure? The rc4.key is extracta
Key can be extracted.
As the plugin need to read the key, it's impossible to prevent this.
As the plugin need to read the key, it's impossible to prevent this.
-
DanielHughes
- Posts: 2
- Joined: 2006-08-29 10:40
Re: SC with MSRC4 Encryption Secure? The rc4.key is extracta
Oh, its not that secure then?
Is is possible to secure the .exe with somesort of password encrpytion? like winzip password protect?
Regards
Dan
Is is possible to secure the .exe with somesort of password encrpytion? like winzip password protect?
Regards
Dan