diff --git a/lib/rex/proto/rfb/cipher.rb b/lib/rex/proto/rfb/cipher.rb
index 660505f7eb..d6fcc0f7ca 100644
--- a/lib/rex/proto/rfb/cipher.rb
+++ b/lib/rex/proto/rfb/cipher.rb
@@ -44,6 +44,9 @@ class Cipher
 def self.encrypt(plain, password)
 key = self.mangle_password(password)
+ # pad the plain to 16 chars
+ plain << ("\x00" * (16 - plain.length)) if plain.length < 16
+
 # VNC auth does two 8-byte blocks individually instead supporting some block mode
 cipher = ''
 2.times { |x|
@@ -63,6 +66,9 @@ class Cipher
 def self.decrypt(cipher, password = "\x17\x52\x6b\x06\x23\x4e\x58\x07")
 key = self.mangle_password(password)
+ # pad the cipher text to 9 bytes
+ cipher << ("\x00" * (9 - cipher.length)) if cipher.length < 9
+
 # NOTE: This only does one 8 byte block
 plain = ''
 c = OpenSSL::Cipher::Cipher.new('des')
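Review bot: The added pad line in encrypt uses `plain << ...`, which mutates the caller's string in place and raises FrozenError if the caller passed a frozen literal, and `plain.length` counts characters rather than bytes, so a non-binary-encoded input containing multibyte characters would be under-padded before it is fed to DES. Rebinding to a padded binary copy avoids both problems: `plain = plain.b.ljust(16, "\x00")`. The decrypt hunk has the same issue with `cipher << ...`, which would become `cipher = cipher.b.ljust(9, "\x00")`. The body of encrypt continues past the hunk, so I cannot confirm how the padded value is sliced into the two blocks afterwards.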
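Review bot: The decrypt hunk pads the cipher text to 9 bytes while the existing NOTE on the next line says only one 8-byte DES block is processed, and the hunk does not show what the ninth byte is for; a reader will assume an off-by-one. If the extra byte is deliberately required by the code that follows (not visible here), the comment should say so rather than just restating the number, e.g. `# pad to 9 bytes: one 8-byte DES block plus <reason the caller needs the extra byte>`; otherwise pad to 8. The body of decrypt continues outside the hunk.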