盘绰网教程:是一个免费提供流行视频软件教程、在线学习分享的学习平台!

vnc登陆口令猜解研究

时间:2023/9/7作者:未知来源:盘绰网教程人气:


[摘要]vnc所有帐号登陆的时候:  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。   2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10...

vnc所有帐号登陆的时候:  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。   2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。     请 ...

  vnc所有帐号登陆的时候:

  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。

  2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。

  

  请看下面代码:

  void

  vncServer::AddAuthHostsBlacklist(const char *machine)

  {

  omni_mutex_lock l(m_clientsLock);

  // -=- Is the specified host blacklisted?

  vncServer::BlacklistEntry *current = m_blacklist;

  // Get the current time as a 64-bit value

  SYSTEMTIME      systime;

  FILETIME      ftime;

  LARGE_INTEGER     now;

  GetSystemTime(&systime);

  SystemTimeToFileTime(&systime, &ftime);

  now.LowPart=ftime.dwLowDateTime;now.HighPart=ftime.dwHighDateTime;

  now.QuadPart /= 10000000; // Convert it into seconds

  while (current)

  {

  // Is this the entry we're interested in?

  if (_stricmp(current->_machineName, machine) == 0)

  {

  // If the host is already blocked then ignore

  if (current->_blocked)

  return;

  // Set the RefTime & failureCount

  current->_lastRefTime.QuadPart = now.QuadPart + 10;

  current->_failureCount++;

  if (current->_failureCount > 5)

  current->_blocked = TRUE;

  判定函数代码:

  while (current)

  {

  // Has the blacklist entry timed out?

  if ((now.QuadPart - current->_lastRefTime.QuadPart) > 0) {////当前时间超过隔离时间?即如果10s钟后

  // Yes. Is it a "blocked" entry?

  if (current->_blocked)

  {

  // Yes, so unblock it & re-set the reference time

  current->_blocked = FALSE;   ///超过10s, 解除黑名单

  current->_lastRefTime.QuadPart = now.QuadPart + 10;

  } else

  {

  // No, so remove it

  if (divvious)

  divvious->_next = current->_next;

  else

  m_blacklist = current->_next;

  vncServer::BlacklistEntry *next = current->_next;

  free(current->_machineName);

  delete current;

  current = next;

  continue;

  }

  

  }

  

  // Is this the entry we're interested in?

  if ((_stricmp(current->_machineName, hostname) == 0) &&/////比较是否再黑名单里面

  (current->_blocked))

  {

  // Machine is blocked, so just reject it

  vnclog.Print(LL_CONNERR, VNCLOG("client %s rejected due to blacklist entry\n"), hostname);

  

  return vncServer::aqrReject;

  }

  

  divvious = current;

  current = current->_next;

  }

  

  // Has a hostname been specified?

  if (hostname == 0) {

  vnclog.Print(LL_INTWARN, VNCLOG("verify failed - null hostname\n"));

  return vncServer::aqrReject;

  }

  

  ==================

  以上原因决定了vnc弱口令扫描的特点:

  1.密码最多只能超过5次出错, 然后就会被锁定, 需要10s钟解锁。

  2.出错超过5次后每猜解一个密码, 都会被锁定, 所以后面的密码猜解非常慢(每一个隔10s)。


上面是电脑上网安全的一些基础常识,学习了安全知识,几乎可以让你免费电脑中毒的烦扰。

关键词:  vnc登陆口令猜解研究





Copyright © 2012-2018 盘绰网教程(http://www.panchuo.com) .All Rights Reserved 网站地图 友情链接

免责声明:本站资源均来自互联网收集 如有侵犯到您利益的地方请及时联系管理删除,敬请见谅!

QQ:1006262270   邮箱:kfyvi376850063@126.com   手机版