VNC Spy tracks network traffic and detects keystrokes made through a VNC viewer.
One of the best things about VNC Spy is that it can be incredibly useful for monitoring remote access to your network, especially if someone insists on using VNC to log in from their Windows machine. By simply leaving vncspy running for a while, you can easily see user keystrokes that have been entered into the VNC server.
To start using this software, you would need to run vncspy as root. You can either su root, or sudo the command. An example of using this software is the command: sudo vncspy eth0 | tee keylog. By doing so, all the keystrokes entered by the engineer from home to the VNC server will be logged, so you can easily see his user name followed by his password.
Another unique way of improving security habits is by showing people their passwords. This technique has proven to be very effective, and the ability to print out the keystrokes entered with VNC Spy makes this method possible. Once you get a user's password, you could try writing it on a sticky-note and pasting it on their monitor to show them the importance of creating a secure password.
It is important to note that vncspy must be run as root, and it takes only one optional parameter which is the interface to sniff on. If the parameter is left out, it will automatically use the first interface on your system which is typically eth0.
If your system does not have libpcap available, you can install it from source by visiting this link. Once you have libpcap, compiling vncspy is simple. Just type make in the terminal, and it should create the vncspy program. In case you need any assistance with the compilation process, you can contact the support team for help.
Version 0.1: N/A