By using the below exploit code it is possible to use a VNC server without knowing its password by causing a client to authenticate through the attacking host, while the attacker redirects it to the server. added by Radost