Add files via upload

Scripts/ConfigParsers/parser-vnc.ini.ps1

@@ -0,0 +1,110 @@
+# Author: Scott Sutherland, NetSPI (@_nullbind / nullbind)
+function Get-VNCPassword {
+    param (
+        [Parameter(Mandatory=$true)]
+        [string]$VncIniPath
+    )
+
+    # Define the fixed DES key used by VNC
+    $desKey = [byte[]](0x23, 0x52, 0x6A, 0x3B, 0x58, 0x92, 0x67, 0x34)
+
+    # Read the vnc.ini file
+    if (-Not (Test-Path -Path $VncIniPath)) {
+        Write-Error "The file path '$VncIniPath' does not exist."
+        return
+    }
+
+    $vncIniContent = Get-Content -Path $VncIniPath
+
+    # Extract the encrypted password from the ini file
+    $encryptedHex = ($vncIniContent | ForEach-Object {
+        if ($_ -match '^Password=(.+)$') {
+            return $matches[1]
+        }
+    }).Trim()
+
+    if (-not $encryptedHex) {
+        Write-Output "Password not found in vnc.ini"
+        return
+    }
+
+    # Convert the hex string to a byte array
+    $encryptedBytes = for ($i = 0; $i -lt $encryptedHex.Length; $i += 2) {
+        [Convert]::ToByte($encryptedHex.Substring($i, 2), 16)
+    }
+
+    # Create a DES crypto object and set the key and mode
+    $des = New-Object System.Security.Cryptography.DESCryptoServiceProvider
+    $des.Key = $desKey  # Assign the key as a byte array
+    $des.Mode = [System.Security.Cryptography.CipherMode]::ECB
+    $des.Padding = [System.Security.Cryptography.PaddingMode]::None
+
+    # Create a decryptor
+    $decryptor = $des.CreateDecryptor()
+
+    # Decrypt the encrypted password
+    $decryptedBytes = $decryptor.TransformFinalBlock($encryptedBytes, 0, $encryptedBytes.Length)
+
+    # Convert the decrypted byte array to a string, trimming null characters
+    $decryptedPassword = [System.Text.Encoding]::ASCII.GetString($decryptedBytes).Trim("`0")
+
+    # Return the decrypted password as an object
+    return [pscustomobject]@{
+        DecryptedPassword = $decryptedPassword
+    }
+}
+
+# Example usage
+$path = "c:\temp\configs\vnc.ini"
+$passwordObject = Get-VNCPassword -VncIniPath $path
+$passwordObject
+
+
+
+
+<# vnc.ini
+
+[Server]
+# The port on which the VNC server listens for connections (default: 5900)
+Port=5900
+
+# Defines the IP address to bind the VNC server to. Leave blank to bind to all interfaces.
+BindTo=0.0.0.0
+
+# Enable or disable authentication. If 1, authentication is enabled.
+Authentication=1
+
+# VNC password (encoded or plain text depending on the software)
+Password=01d47b4186dfa5a3
+
+# Encryption (optional). Enable or disable encryption for VNC connections.
+Encryption=1
+
+# Set the idle timeout for client connections (in seconds)
+IdleTimeout=600
+
+# Maximum number of clients that can connect at once
+MaxClients=5
+
+[Security]
+# Use SSL encryption for communication between VNC clients and server
+UseSSL=0
+
+# If SSL is enabled, provide the path to the SSL certificate file.
+SSLCertificateFile=C:\path\to\ssl\certificate.pem
+
+# Enable or disable TLS encryption
+UseTLS=1
+
+[Logging]
+# Enable or disable logging. If 1, logging is enabled.
+EnableLogging=1
+
+# Log file location
+LogFile=C:\path\to\log\vncserver.log
+
+# Log level (INFO, DEBUG, ERROR, etc.)
+LogLevel=INFO
+
+
+#>