VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways.
It supports dumping and decrypting the password by:
– Dumping the current users registry key
– Retrieving it from a NTUSER.DAT file
– Decrypting a command line supplied encrypted password
– Injecting the VNC process and dumping the owners password
– Support for RealVNC 4
– Command line encryption of plaintext password
– Set service and user passwords
– Minor bugfixes
– Support for Windows NT 4
VNCPwdump was developed by Patrik Karlsson.