VNC Resolver, formerly known as "VNC Roulette" and "VNC Funland", is a tool that displays random insecure VNC servers. It is similar to sites like srsly.de, WorldofVNC, Shodan, and others. It was created in late 2015.
The first scan was done in December 2015. The latest scan was done on May 24, 2022 and ended on May 27, 2022
You can browse the current scan by going here. It is also available through CollabBot by typing +vnc.
VNC Resolver
VNC Resolver is currently a part of the CollabBot bot on the CollabVM Discord. It also has a web interface (linked above).
VNC Resolver works by portscanning the entire internet for various ports (usually 5900 - 5910, but smaller ASNs usually get more ports scanned), and then a script attempts to take a screenshot of the found servers. If it times out or is passworded, the server is skipped, but if a connection is successful, a screenshot is taken and it is added to the database.
The scripts for VNC Resolver were released on September 27, 2018 and may be downloaded here. (WARNING: Port scanning the entire internet WILL GET YOUR IP LISTED IN MOST MAJOR BLACKLISTS. This will likely cause you to be banned from certain sites. Many major ISPs across the world also ban portscanning entirely, and may terminate your service if they catch you. Use a VPS if you're going to run this.)
Types of VNC's
Common VNC types found over the years
- Black screens
- Dead VNC's (Possibly due to dynamic IP's)
- Servers
- Embedded computers
- Login screens
- Honeypots
- Internet cafe machines
- Asian gamers?
- Billboards
- XSCREENSAVER
Incident
An incident occurred on February 21 2016 involving VNC Roulette, in which Damian connected to an insecure VNC which was connected to a pool in a small town in New Jersey. Guest1337 attempted to set the pH levels to potentially lethal levels, but was stopped by both the software and an administrator before any harm could actually be done.
It should be noted that the user in question was doing this from his own computer on CollabVM.
Following the incident, the VNC Roulette was shut down in order to make improvements, and it has returned sporadically, although usually going down for technical reasons.
Gallery of VNCs
The most common type of VNC you'll find.
The second most common. Text in terminal may vary.
The third most common. The desktop may vary.
The fourth most common. Usually in Japanese.
Another industrial machine
Another industrial machine
Another industrial machine
Another strange industrial machine
Another industrial machine in Polish
An industrial machine with a vaguely funny message. This was later changed to "Safe to Shoot."
Someone playing Tic Tac Toe against a computer (and losing...)
Hotel POS software running on Windows NT 4
Someone running a "password generator" on their open VNC
Someone viewing their Gmail
Nvidia-themed Ubuntu login
An error on BSD or Mac OS
Chinese Windows 7 login with a user named "Mark"
An error on some Hebrew software
Terminal connecting to some IP address
Chinese Linux distribution
A seemingly hacked Linux root shell
Guy watching the world die on a industrial machine
Quick! They are on to me!! Better turn off my computer!!!
Something that looks like a UEFI firmware settings menu
A computer without an operating system
Another computer without an operating system
An OpenSUSE login screen. Variants are plentiful.
A Linux display manager for a library computer
A Debian computer that has been logged into
A Linux root console that has executed ip route
A Cirros Linux login screen. Very common.
Somebody updating their Linux system
A program/OS which seems to be hacking-related
A Linux login screen with a warning
An Ubuntu 14.04 login screen
An insecure VNC showing TeamViewer login. Funnily enough, the client name was "kk-security194".
A VNC that should definitely not be online.
A VNC which is just Dickbutt.
Interesting kitchen IoT(?) VNC
VNC of an sewage company that manages water pipes.
An insecure VNC hosting a server for the game "Subsistence".
Login screen for a Linux distribution called "SecFox OS", running on a Chinese server. No information about this OS appears to be present online.
A VNC that appears to belong to a billboard or some digital signage.
Broken turkish VNC server sending invalid compression data, resulting in this broken mess.
A VNC with 4 GPUs mining Bitcoin.
A DSOX1202A Oscilloscope by Keystone with an Open VNC
A Windows 7 VM running on Port 15900. Always remember: Security by obscurity is not security.
A very good lock screen wallpaper.
Someone playing Minecraft
Some monitoring software?
See also
A CollabVM Wikia version of this page