Virtual Machine Remote Control (protocol): Difference between revisions

(Created page with "VMRC is <s>a pile of garbage which is</s> modified VNC with NTLM and Kerberos authentication. Ain't that fun? The Kerberos portion of this protocol requires an AD to be present on the server itself, so we will be only covering NTLM itself as no one wants to bother setting up a buggy piece of shit server daemon on an AD out of all things. Used in Virtual Server 2005. == Opening == When a VMRC client and server exchange information, the exchange of packets will be...")
 
When a VMRC client and server exchange information, the exchange of packets will be as follows:
 
Legend: '''S''' == <code>Server</code>, '''C''' == <code>Client</code>
 
# '''S''' → '''C''': <kbd>RFB 003.006</kbd>
# '''S''' → '''C''': [0x00, 0x00, 0x00, 0x0y]
 
The <kbd>y</kbd> denotes the authentication method used:
* 0x00: None (unused?)
* 0x04: NTLM (NTLMSSP_NEGOTIATE flags set to 0xA208B207.)
* 0x05: Reconnect, followed by 0x04, 0x05, 0x06, explained below
* 0x06: Negotiate (No idea what this is... the client calls it NTLM but the structure is way different.)
 
If 0x05 is detected, the client will always connect twice, and the authentication method changes to:
* 0x04: NTLM (NTLMSSP_NEGOTIATE flags set to 0xA2088207.)
* 0x05: Kerberos.
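
The following decoder for the server's opening bytes is an added example, not code from the VMRC client or server. It maps <kbd>y</kbd> using the two lists above; the function names, the optional newline after the version string (as in standard RFB) and the sample bytes are assumptions.

```python
import struct
from typing import List, Optional

BANNER = b"RFB 003.006"  # version string shown in the opening exchange

# Meaning of y on the first connection, per the first list above.
FIRST_CONNECT = {0x00: "None", 0x04: "NTLM", 0x05: "Reconnect", 0x06: "Negotiate"}
# Meaning of y on the second connection that follows a 0x05 reconnect.
AFTER_RECONNECT = {0x04: "NTLM", 0x05: "Kerberos"}


def parse_opening(data: bytes, after_reconnect: bool = False) -> str:
    """Return the authentication method name announced by the server."""
    if not data.startswith(BANNER):
        raise ValueError("not a VMRC opening: banner mismatch")
    rest = data[len(BANNER):]
    # Assumption: a newline may follow the banner, as in standard RFB.
    if rest[:1] == b"\n":
        rest = rest[1:]
    if len(rest) < 4:
        raise ValueError("truncated: need 4 bytes of authentication method")
    (word,) = struct.unpack(">I", rest[:4])
    if word > 0xFF:
        raise ValueError(f"unexpected high bytes in method word: {word:#010x}")
    table = AFTER_RECONNECT if after_reconnect else FIRST_CONNECT
    return table.get(word, f"unknown (0x{word:02x})")


def describe_session(first: bytes, second: Optional[bytes] = None) -> List[str]:
    """Decode one connection, or both when the first asks for a reconnect."""
    methods = [parse_opening(first)]
    if methods[0] == "Reconnect":
        if second is None:
            raise ValueError("server requested reconnect; second opening missing")
        methods.append(parse_opening(second, after_reconnect=True))
    return methods


if __name__ == "__main__":
    # Constructed sample bytes, not a real capture.
    first = BANNER + bytes([0x00, 0x00, 0x00, 0x05])
    second = BANNER + bytes([0x00, 0x00, 0x00, 0x04])
    print(describe_session(first, second))
```

The same byte value means different things on the two connections: 0x05 is Reconnect on the first and Kerberos on the second, so a decoder has to track which connection it is looking at.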