We had a requirement for a wireless projector solution for our conference room. The ATEN KE8220 was selected because it used the VNC protocol which we all know and understand. Unfortunately, the projector feature (push video) uses a proprietary connection protocol and the supplied software does not support Linux.
The script in this article allows you to connect to the KE8220 in push/projector mode using Linux (or other platforms)
The KE8220 offers a "push" video option which is not part of the VNC protocol. Instead, it is provided using a proprietary, encrypted extension.
Whilst the script does exactly what I need it for, it might be nice to wrap a GUI around it - perhaps integrate it with vino somehow using a randomly generated password, etc. It might also be possible to make a stand-alone project. If there is sufficient interest I might do that.
The initial communication between the client and KE8220 device is encrypted with a shared key. As this key is known, it is a trivial matter to decrypt this communication. Doing so reveals the plain text password used to connect to the VNC server. So... DO NOT RE-USE A SENSITIVE PASSWORD!
Aten's VNC server is actually a modified version of UltraVNC. It has been set up so that the remote host can control the local desktop. Consequently, if you are using Aten's software, a compromised password could well mean a compromised desktop if that password was intercepted by an adversary.
Firstly, I should point out that I am not a lawyer. What follows is my opinion only. It is up to you to form your own opinion after carefully checking the facts for yourself.
In the early stages of my reverse engineering effort, I unpacked the AtenVNC executable. Within, I discovered that they had used modified UltraVNC (a GPL licensed program) complete with original GPL license text. I searched their website but I could not find the source code.
So, I emailed them explaining I had found a copy of the GPL and I requested the source code. They refused, stating "The source code is proprietary we don't have it to send."
Naturally, I wasn't prepared to give up there and many many emails, almost two months later I eventually got them to release some source code.
Unfortunately, the code they released did not correspond to the original binary. They had modified the code and moved the proprietary part into a new DLL. This new DLL was not part of the original distribution. Not only that, but I suspect they had also modified parts of the code by obfuscating the variable and function names.
I challenged them on this explaining very clearly that this was still a license violation and the issue was moved from support to their HQ. After even more emails and much prodding, they eventually stated that they were not prepared to release any further source code due to "the concern of protection of the confidential information related to the company and the KE8220 users." This was disappointing to say the least!
Study of their source code meant I was able to figure out what happened when... despite the obfuscated symbols... but in the end I gave up on their source code and loaded up a debugger. Enjoy the script!
You might be interested to take a look at https://forum.ultravnc.net/viewtopic.php?t=5233 which discuss ultravnc's use of the GPL. I am no expert on the GPL (V1 nor V2) but I'm pretty sure cases have been brought against companies that have been in violation of the licence and these have been won. The GPL is a tricky subject!
Could this method be also used to push the screen of a Android device to the KE8220? Android devices have the ability to act as VNC servers via third party apps, could they be configured to us the device?