def __init__(self, mainLogger: SessionLogger, crawlerLogger: SessionLogger, config: MITMConfig): """ :param log: base logger to use for the connection :param config: the MITM configuration """ self.log = mainLogger """Base logger for the connection""" self.clientLog = mainLogger.createChild("client") """Base logger for the client side""" self.serverLog = mainLogger.createChild("server") """Base logger for the server side""" self.attackerLog = mainLogger.createChild("attacker") """Base logger for the attacker side""" self.rc4Log = mainLogger.createChild("rc4") """Logger for RC4 secrets""" self.config = config """The MITM configuration""" self.statCounter = StatCounter() """Class to keep track of connection-related statistics such as # of mouse events, # of output events, etc.""" self.state = RDPMITMState() """The MITM state""" self.client = RDPLayerSet() """Layers on the client side""" self.server = RDPLayerSet() """Layers on the server side""" self.player = TwistedPlayerLayerSet() """Layers on the attacker side""" self.recorder = MITMRecorder([], self.state) """Recorder for this connection""" self.channelMITMs = {} """MITM components for virtual channels""" serverConnector = self.connectToServer() date = datetime.datetime.now() replayFileName = "rdp_replay_{}_{}.pyrdp".format(date.strftime('%Y%m%d_%H-%M-%S'), date.microsecond // 1000) self.tcp = TCPMITM(self.client.tcp, self.server.tcp, self.player.tcp, self.getLog("tcp"), self.state, self.recorder, serverConnector, self.statCounter, replayFileName, config) """TCP MITM component""" self.x224 = X224MITM(self.client.x224, self.server.x224, self.getLog("x224"), self.state, serverConnector, self.startTLS) """X224 MITM component""" self.mcs = MCSMITM(self.client.mcs, self.server.mcs, self.state, self.recorder, self.buildChannel, self.getLog("mcs"), self.statCounter) """MCS MITM component""" self.security: SecurityMITM = None """Security MITM component""" self.slowPath = SlowPathMITM(self.client.slowPath, self.server.slowPath, self.state, self.statCounter) """Slow-path MITM component""" self.fastPath: FastPathMITM = None """Fast-path MITM component""" self.attacker: AttackerMITM = None self.crawler: FileCrawlerMITM = None self.client.x224.addObserver(X224Logger(self.getClientLog("x224"))) self.client.mcs.addObserver(MCSLogger(self.getClientLog("mcs"))) self.client.slowPath.addObserver(SlowPathLogger(self.getClientLog("slowpath"))) self.client.slowPath.addObserver(RecordingSlowPathObserver(self.recorder)) self.server.x224.addObserver(X224Logger(self.getServerLog("x224"))) self.server.mcs.addObserver(MCSLogger(self.getServerLog("mcs"))) self.server.slowPath.addObserver(SlowPathLogger(self.getServerLog("slowpath"))) self.server.slowPath.addObserver(RecordingSlowPathObserver(self.recorder)) self.player.player.addObserver(LayerLogger(self.attackerLog)) self.config.outDir.mkdir(parents=True, exist_ok=True) self.config.replayDir.mkdir(exist_ok=True) self.config.fileDir.mkdir(exist_ok=True) self.state.securitySettings.addObserver(RC4LoggingObserver(self.rc4Log)) if config.recordReplays: self.recorder.addTransport(FileLayer(self.config.replayDir / replayFileName)) if config.enableCrawler: self.crawler: FileCrawlerMITM = FileCrawlerMITM(self.getClientLog(MCSChannelName.DEVICE_REDIRECTION).createChild("crawler"), crawlerLogger, self.config, self.state)
def __init__(self, mainLogger: SessionLogger, crawlerLogger: SessionLogger, config: MITMConfig, state: RDPMITMState = None, recorder: Recorder = None): """ :param mainLogger: base logger to use for the connection :param config: the MITM configuration """ self.log = mainLogger """Base logger for the connection""" self.clientLog = mainLogger.createChild("client") """Base logger for the client side""" self.serverLog = mainLogger.createChild("server") """Base logger for the server side""" self.attackerLog = mainLogger.createChild("attacker") """Base logger for the attacker side""" self.rc4Log = mainLogger.createChild("rc4") """Logger for RC4 secrets""" self.config = config """The MITM configuration""" self.statCounter = StatCounter() """Class to keep track of connection-related statistics such as # of mouse events, # of output events, etc.""" self.state = state if state is not None else RDPMITMState(self.config, self.log.sessionID) """The MITM state""" self.client = RDPLayerSet() """Layers on the client side""" self.server = RDPLayerSet() """Layers on the server side""" self.player = TwistedPlayerLayerSet() """Layers on the attacker side""" self.recorder = recorder if recorder is not None else MITMRecorder([], self.state) """Recorder for this connection""" self.channelMITMs = {} """MITM components for virtual channels""" self.onTlsReady = None """Callback for when TLS is done""" self.tcp = TCPMITM(self.client.tcp, self.server.tcp, self.player.tcp, self.getLog("tcp"), self.state, self.recorder, self.statCounter) """TCP MITM component""" self.x224 = X224MITM(self.client.x224, self.server.x224, self.getLog("x224"), self.state, self.connectToServer, self.disconnectFromServer, self.startTLS) """X224 MITM component""" self.mcs = MCSMITM(self.client.mcs, self.server.mcs, self.state, self.recorder, self.buildChannel, self.getLog("mcs"), self.statCounter) """MCS MITM component""" self.security: SecurityMITM = None """Security MITM component""" self.slowPath = SlowPathMITM(self.client.slowPath, self.server.slowPath, self.state, self.statCounter, self.getLog("slowpath")) """Slow-path MITM component""" self.fastPath: FastPathMITM = None """Fast-path MITM component""" self.attacker: AttackerMITM = None self.crawler: FileCrawlerMITM = None self.client.x224.addObserver(X224Logger(self.getClientLog("x224"))) self.client.mcs.addObserver(MCSLogger(self.getClientLog("mcs"))) self.client.slowPath.addObserver(SlowPathLogger(self.getClientLog("slowpath"))) self.client.slowPath.addObserver(RecordingSlowPathObserver(self.recorder)) self.server.x224.addObserver(X224Logger(self.getServerLog("x224"))) self.server.mcs.addObserver(MCSLogger(self.getServerLog("mcs"))) self.server.slowPath.addObserver(SlowPathLogger(self.getServerLog("slowpath"))) self.server.slowPath.addObserver(RecordingSlowPathObserver(self.recorder)) self.player.player.addObserver(LayerLogger(self.attackerLog)) self.ensureOutDir() if config.certificateFileName is None: self.certs: CertificateCache = CertificateCache(self.config.certDir, mainLogger.createChild("cert")) else: self.certs = None self.state.securitySettings.addObserver(RC4LoggingObserver(self.rc4Log)) if config.recordReplays: date = datetime.datetime.now() replayFileName = f"rdp_replay_{date.strftime('%Y%m%d_%H-%M-%S')}_{date.microsecond // 1000}_{self.state.sessionID}.pyrdp" self.recorder.setRecordFilename(replayFileName) self.recorder.addTransport(FileLayer(self.config.replayDir / replayFileName)) if config.enableCrawler: self.crawler: FileCrawlerMITM = FileCrawlerMITM( self.getClientLog(MCSChannelName.DEVICE_REDIRECTION).createChild("crawler"), crawlerLogger, self.config, self.state )