vnc launch

Re: vnc lauch

Postby Skyfighter » 2015-11-30 08:39

Thank you very much for the update!

Rudi De Vos wrote:Update
scan options
[v]auto 5 minutes
[v]scan on refresh

I think there went something wrong:
- if both options are enabled + hit reload button -> launcher seems to be in a "online-check-loop" (it iterates through the server and starts again from the beginning...)
- if only "scan on refresh" is enabled + hit reload button -> launcher doesn't check the online status
- if only "auto 5 minutes" is enabled: sometimes (not always) it scans at launcher-start...it does not seem to scan every 5 minutes (not sure about that)
(for the short test: I changed the settings and restartet the launcher...then observed the above described)

I think it should be that way:
"auto 5 minutes" = 1 -> scan online-status at launcher-start and every 5 minutes
"scan on refresh" = 1 -> scan online-status on reload-button (if reload button is hit and "auto 5 minutes" = 1 perhaps timer should be reset to freshly countdown 5 min to the next online-check)
?
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Prisma » 2015-11-30 12:11

Issues repeater:
* Initial repeater scan seems to be not done. All servers red after program start.
* After manual scan all server go green/red and then the first server in list blinks green-grey/grey-green. All other servers stay green/red although all servers are online.

Repeater is configured global not per .vnc.

Issues viewer:
* still or again the viewer is searched "\vncviewer.exe" if no explicit viewer is configured. Correct search would be ".\vncviewer.exe"
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 12:21

green/red

repeater found using repeater setting in the .vnc
red: repeater gui
*ID not found
or
*gui not found or unable to connect user/passwd wrong

didn't corrected the empty path yet.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 12:23

Prisma, is the repeater reachable from the net...
Else i could try to connect and see what happen.

Looks like i need to add some debug window, impossible to tell what happen.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-11-30 12:34

yes, clear, green-red means repeater ok + id not found. So, couldn't be a login problem into the GUI otherwise it should stay a double red-red screen or a single red screen.

I assume check of IDs fails. Or isn't completed at all because of the hanging and blinking first item. We use extensive comments. A possible reason?
GUI is not available from Internet. I agree, without debug information it's not possible to dig deeper. A debug log file would be enough. No need of a window, my opinion...
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 12:40

No, first green use the .vnc repeater setting and port, not the gui port.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-11-30 13:21

Bad. How to see connection problems to GUI? Possibly the problem we have at the moment.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 13:35

old style debug added (cmd show logging)

http://www.uvnc.eu/download/1209/UVNC_Launch05.zip
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-11-30 14:01

Without knowing what Error 87 means, I'd say authentication error. But credential are correct. For sure, checked and retried multiple times. Any possible problems or bugs with encrypting decrypting password?

Code: Select all
++++++++ START SCAN TIMER ++++++++
repeater xxx.yyys.zzz port 5902 added to cache
http connect to 192.168.100.50 8089
The server requires authentication. Sending credentials...
Error 87 has occurred.
Repeater ID >12345678< Not Found
Found in cahe xxx.yyys.zzz 5902
Found in cahe xxx.yyys.zzzz 5902
Found in cahe xxx.yyys.zzz 5902
Found in cahe xxx.yyys.zzz 5902
Found in cahe xxx.yyys.zzzz 5902
Found in cahe xxx.yyys.zzz 5902
++++++++ STOP SCAN ++++++++
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Prisma » 2015-11-30 14:22

Found it.I typed the repeaters password the first time and every following tries directly on first program start into the global input field.
After typing the password one time while being "logged in" = using the gear wheel it works.

Seems to be a bug on first start that password isn't encrypted or with empty passphrase or what ever.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Prisma » 2015-11-30 14:58

Repeatable:
Login -> not working. Use gear wheel, retype repeaters password -> working. Close application, start application, Login -> not working. Use gear wheel, retype repeaters password -> working.

And so on...
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 16:35

Yep, passwd issue.

Decryption web paswwd before entering global encryption passwd will not work.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-11-30 16:46

Yes, of course I don't expect a magical decryption without password :) But I did enter the password. So it must work.
As you can see in my description: after application restart and entering the "login" password (= the password used to encrypt decrypt passwords) it does not work.
Once "logged in" and use the gear wheel to re-enter repeaters password it does work. Until restart. Even if the "login" password (= the password used to encrypt decrypt passwords) is of course entered.

So, this is not by design. This is a bug. I assume we just misunderstood each other.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 17:02

Yep, that was what i was saying...a bug.
We encrypt the web password , before the encryption password was entered...in source.

It was tested with the default password, then you don't need to enter a password on startup. But entering a password it fail, because we already decrypted the web password with a empty encrypt password on start, and not after entering the encryption password.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Rudi De Vos » 2015-11-30 18:41

corrected,
web gui password now get decrypted or set after you entered the encryption password first.

./vncviewer.exe corrected
more debug code added, passwd is visable in debug

http://www.uvnc.eu/download/1209/UVNC_Launch06.zip
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-12-01 09:35

Sorry, but still not working. What I see:

  • After application start the repeaters password is non-edit (possibly inteded, but new).
  • After entering the decode password it's not working. I see:
Code: Select all
++++++++ START SCAN TIMER ++++++++
repeater xxx.yyy.zzz port 5902 added to cache
User admin password
http connect to 192.168.100.50 8089
The server requires authentication. Sending credentials...
The server requires authentication. Sending credentials...
Repeater ID >12345678< Not Found
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
++++++++ STOP SCAN ++++++++

  • After re-entering repeaters password via gear wheel it works.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-12-01 10:14

User admin password -> this should be User admin password adminadmi2 ( if you are using the default)
In your case it's empty, so something went wrong decrypting it.

I tested this version multiple times, with a defined password.
And it was working, perhaps some parameters are incorrect in the file.

1) make sure we have a clean ini
/uvnc
remove the rpass entry in the ini file to be sure it's empty or remove the config file.

In the test .vnc file, please check if the rpass entry does not exist, even when it's empty( rpass="") it overwrite
the global gui passwd

2) open launch
set encrypt passwd, gui passwd is grayed
3) open preoperties
write gui passwd and press ok
4)Close lauch

Now we have the gui passwd set, using the "encrypt passwd"
1) start launch
2) enter "encrypt passwd", you notice a grayed gui passwd field, this is normal because before we know
the "encrypt passwd" we are unable to decript this entry
3) Check if the scan proper show the user/passwd used to web login
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-12-01 11:29

Did it already as you described. Of course I did because it's not that heavy to type 2 passwords correct.
I assumed that the system is in an inconsistent state because of the previous bug.
So I did it several more times. And I did a reset, did a start over with an empty uvnclaunch.ini. After restart it is still not working.

But I noticed, that every time I restart the application and I do a "login", uvnclaunch.ini is rewritten and rpass changes. This must not happen!
This is at least one reason. The password is kind of alternating every time I restart.

I also noticed that even if I encrypt every time the same password it's not always the same rpass string.
Therefore I assume it's something like a pointer/memory errors, or encryption of already encrypted, or previously wrong decrypted and then reencrypted, or whatever. Something goes horrible horrible wrong.
Possibly more a pointer error. Why? Reason: You seem to encrypt in AES block mode. We use a short password. Always the same during testing. So rpass use to have some bytes, then a lot of zeros and one single different byte at it's end. But I noticed, sometimes not. There are bytes where have been zeros always before. Even though the always same encryption password and repeater password is used.

Don't get me wrong, but with this error pattern it doesn't make sense to do more tests or to dig deeper.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Rudi De Vos » 2015-12-01 19:51

Found:
Using debug OK
Using release a empty field is not empty, looks like some lib error, but fixed
If debug behave different then release we can test forever.

Found another nasty bug in thre repeater.
When the launcher checked the status, existing connection break.
Fixed, buffers need to be reinit after a loop else our repeater alive test is like connecting the last connected ID again
and this kick the previous.

http://www.uvnc.eu/download/1209/UVNC_Launch07.zip ( include new repeater)
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-12-02 10:18

Glad to hear you found the bug. Repeater is online, launcher tested. Works.
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

Re: vnc lauch

Postby Skyfighter » 2015-12-02 17:35

hmm...I'm a little bit irritated: there is something really weird happening when I try to store a password using the Edit-Menu of the launcher. It looks like (a part of) the password is used as the target Host on connecting to a server. :shock:

This is what I did:
- start launcher, enter password
- Context Menu -> Add -> enter a Hostname in "VNC-Server" -> Save-Button -> enter Hostname as Filename -> OK
- (wait until Server-Tree is rebuild...why does that take that long?)
- double-click the new created server -> instantly password-request popup: enter password -> OK -> Connection is up.
=> Thats OK, but now try to store the password in the launcher
- select the new created server -> context menu -> Edit -> enter Password in Password-Field -> Save
- double-click the server...only "VNC Viewer Status" is shown, no password-request...
=> looking at the "VNC Viewer Status" it shows the last part of the Connection-Password as "VNC Server"-Host!?
=> looking at the DebugConsole: the online-check ist contacting the right Hostname (server is shown "online" in the tree)

Argh, while writing I realize the problem: If the Connection-Password has a "blank"/"space character" in it -> the part after the blank is used as Server-Host (according to the "VNC Viewer Status"). Only the online/offline check uses the right Hostname...

EDIT: I can't see any fault in the *.vnc files; the "blank"-bug seems to be in the launcher / variable-handling.
EDIT2: I see...you pass the password on the commandline:
"...\vncviewer.exe" -password PASS WORD -config ".\uvnc\hostname.vnc"
...it need to be:
"...\vncviewer.exe" -password "PASS WORD" -config ".\uvnc\hostname.vnc"
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Rudi De Vos » 2015-12-02 18:21

yep, i only added "" around the config file name, not the pass.

" needed for space
PASS WORD
Just wondering, can you use a " as part of the password ?
PASS"WORD
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Skyfighter » 2015-12-02 18:46

tried it: you can use " in the password (e.g. pass"word )...connection succeeds as long as you manually enter the password in the viewer request window, but I couldn't figure out how to pass such a password to the viewer using the commandline (" needs to be escaped?).
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Skyfighter » 2015-12-02 19:07

Passing the password in clear text is not that secure, is it? (Other applications could just snoop the commandline of the process...)
Perhaps it would be a little better to implement a second password switch in the viewer, which accepts a default-encoded password (like passwd / passwd2 in UltraVNC.ini)...then pass the password from launcher to viewer using this new commandline parameter. Other benefit: no problems with special characters like blanks, double quotes, ... 8)
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Rudi De Vos » 2015-12-02 20:08

Most applications don't allow ' " & . Peopls we use them have bad luck, we don't support it.
a " " need to be supported as people sometimes use a sentence as pass.

ultravnc.ini, vnc can encrypt/decrypt the password with a buildin key.
This is uncesure, it just hide the passwd for dummy's.
This how the current vnc password is done.

The launcher has a single password that's used as encryption key for blowfish encryption.
This encryption encrypt all passwords
web passwd in uvnclaunch.ini
vnc password using an extra entry in the .vnc file, only used by the launcher.
You will see it as mspasswd in, the .vnc file

The problem is that you can only decrypt the password with the provided encryption you enter on start.
vncviewer doesn't know it, so he can't decrypt the password
If I pass this password to the viewer, the master password is visable via the commandline, so same issue.

shared memory?
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Skyfighter » 2015-12-02 20:43

Rudi De Vos wrote:Most applications don't allow ' " & . Peopls we use them have bad luck, we don't support it.
a " " need to be supported as people sometimes use a sentence as pass.

Fair enough! (I fully understand it...and would argue the same way.)

password handover launcher -> viewer: Yes, I see the problem (that's why I wrote "...a little better..." - it would still neglect the security aspects), but sadly I'm not a professional software developer...just don't know what a suitable solution could be. :(

Rudi De Vos wrote:shared memory?

hmm... have a look at http://stackoverflow.com/questions/11959647/secure-named-shared-memory-on-windows-so-only-specific-processes-can-open, which guides us to DuplicateHandle https://msdn.microsoft.com/en-us/library/windows/desktop/ms724251%28v=vs.85%29.aspx. Could that be a solution?
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Rudi De Vos » 2015-12-02 21:15

The risk is limited, even with the commandline.
Who can see it: You and the admin
The current user can see his own commandline ( using taskgr)
to see the processes from other users you need to be admin

Admin
Normal, someone with admin access already can do what he want... even install a keylogger.


I gonna check the net to see if this a real risk or not.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Skyfighter » 2015-12-02 23:13

Created a few vnc-connection files and now the Launcher crashes on start (after entering the password) -> found the culprit: if the filename-length exceeds 31+4 chars the launcher crashes with 0xc0000409. (If you need a crash dump, let me know.)
.\uvnc\1234567890123456789012345678901.vnc -> OK
.\uvnc\12345678901234567890123456789012.vnc -> crash
=> Could you please raise that limit to the max. of 255 chars? (Filename is the only Description Field of the launcher)

And a question: Why does a manual "reload servers" take more than 20 seconds (tree is invisible in that time; console only says "DEbug started")? (settings: scanrefresh=0 + scan5=0)
Skyfighter
40
40
 
Posts: 73
Joined: 2014-12-31 22:10

Re: vnc lauch

Postby Rudi De Vos » 2015-12-03 22:12

Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5626
Joined: 2004-04-23 10:21

Re: vnc lauch

Postby Prisma » 2015-12-04 16:32

Have problems here. Initially after "login" it takes 5 seconds until any check happens. But when it happens, it fails. As you can see attached. If I press refresh immediately after this, it works. As you can also see.

What is it?

Code: Select all
DEbug started
++++++++ START SCAN TIMER ++++++++
repeater xxx.yyy.zzz port 5902 added to cache
User x password y
http connect to 192.168.100.50 8089
The server requires authentication. Sending credentials...
The resource was successfully retrieved.
Repeater ID >12345678< Not Found
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
Found in cahe xxx.yyy.zzz 5902
++++++++ STOP SCAN ++++++++
++++++++ START SCAN REFRESH ++++++++
repeater xxx.yyy.zzz port 5902 added to cache
User x password y
http connect to 192.168.100.50 8089
The server requires authentication. Sending credentials...
The resource was successfully retrieved.
Repeater ID >12345678< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345679< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345670< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345671< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345672< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345673< found  server waiting
Found in cahe xxx.yyy.zzz 5902
Repeater ID >12345674< found  server waiting
++++++++ STOP SCAN ++++++++
Prisma
100
100
 
Posts: 285
Joined: 2005-10-27 15:50

PreviousNext

Return to 1.2.0.X

Who is online

Users browsing this forum: No registered users and 1 guest

cron