VAASeline: VNC Attack Automation Suite

The Remote FrameBuffer (RFB) protocol is a pervasive part of many operational networks attackers find themselves in everyday. However, until now, there has not been a scalable way to automate attacks against systems which can only be contacted over RFB. Without a way in which the human can be removed from the attack loop an attackers Return On Investment (ROI) is too low for the attack vector to be used in a large scale way. This paper discusses the challenges associated with trying to automate attacks only using RFB and the standard protocol messages in RFB version 3.8.