def parse(self, data): """ Parse a Server Data PDU from bytes. :param data: Server Data PDU data. :type data: bytes :return: RDPServerDataPDU """ core = None security = None network = None stream = BytesIO(data) while core is None or security is None or network is None: structure = self.parseStructure(stream) if structure.header == ConnectionDataType.SERVER_CORE: core = structure elif structure.header == ConnectionDataType.SERVER_SECURITY: security = structure elif structure.header == ConnectionDataType.SERVER_NETWORK: network = structure if len(stream.getvalue()) == 0: break return ServerDataPDU(core, security, network)
def onConnectResponse(self, pdu: MCSConnectResponsePDU): """ Parse server connection information. Initialize security settings and map channel IDs to channel names. :param pdu: the connect response PDU """ if pdu.result != 0: self.client.sendPDU(pdu) else: # Parse response PDUs gccParser = GCCParser() rdpParser = ServerConnectionParser() gccPDU: GCCConferenceCreateResponsePDU = gccParser.parse(pdu.payload) serverData = rdpParser.parse(gccPDU.payload) # Save security settings self.state.securitySettings.setEncryptionMethod(serverData.securityData.encryptionMethod) self.state.securitySettings.setServerRandom(serverData.securityData.serverRandom) if serverData.securityData.serverCertificate: self.state.securitySettings.setServerPublicKey(serverData.securityData.serverCertificate.publicKey) # Map channel names to IDs self.state.channelMap[serverData.networkData.mcsChannelID] = MCSChannelName.IO for index in range(len(serverData.networkData.channels)): channelID = serverData.networkData.channels[index] name = self.state.channelDefinitions[index].name self.log.info("%(channelName)s <---> Channel #%(channelId)d", {"channelName": name, "channelId": channelID}) self.state.channelMap[channelID] = name # Replace the server's public key with our own key so we can decrypt the incoming client random cert = serverData.securityData.serverCertificate if cert: cert = ProprietaryCertificate( cert.signatureAlgorithmID, cert.keyAlgorithmID, cert.publicKeyType, self.state.rc4RSAKey, cert.signatureType, cert.signature, cert.padding ) # FIPS is not implemented so avoid using that security = ServerSecurityData( serverData.securityData.encryptionMethod if serverData.securityData.encryptionMethod != EncryptionMethod.ENCRYPTION_FIPS else EncryptionMethod.ENCRYPTION_128BIT, serverData.securityData.encryptionLevel if serverData.securityData.encryptionLevel != EncryptionLevel.ENCRYPTION_LEVEL_FIPS else EncryptionLevel.ENCRYPTION_LEVEL_HIGH, serverData.securityData.serverRandom, cert ) # The clientRequestedProtocols field MUST be the same as the one received in the X224 Connection Request serverData.coreData.clientRequestedProtocols = self.state.requestedProtocols modifiedServerData = ServerDataPDU(serverData.coreData, security, serverData.networkData) modifiedGCCPDU = GCCConferenceCreateResponsePDU(gccPDU.nodeID, gccPDU.tag, gccPDU.result, rdpParser.write(modifiedServerData)) modifiedMCSPDU = MCSConnectResponsePDU(pdu.result, pdu.calledConnectID, pdu.domainParams, gccParser.write(modifiedGCCPDU)) self.client.sendPDU(modifiedMCSPDU)
def onConnectResponse(self, pdu, serverData): # MCS Connect Response """ :type pdu: MCSConnectResponsePDU :type serverData: ServerDataPDU """ if pdu.result != 0: self.mcs.send(pdu) return # Replace the server's public key with our own key so we can decrypt the incoming client random cert = serverData.security.serverCertificate if cert: cert = ProprietaryCertificate(cert.signatureAlgorithmID, cert.keyAlgorithmID, cert.publicKeyType, self.rc4RSAKey, cert.signatureType, cert.signature, cert.padding) security = ServerSecurityData( # FIPS is not implemented so avoid using that serverData.security.encryptionMethod if serverData.security.encryptionMethod != EncryptionMethod.ENCRYPTION_FIPS else EncryptionMethod.ENCRYPTION_128BIT, serverData.security.encryptionLevel if serverData.security.encryptionLevel != EncryptionLevel.ENCRYPTION_LEVEL_FIPS else EncryptionLevel.ENCRYPTION_LEVEL_HIGH, serverData.security.serverRandom, cert) serverData.core.clientRequestedProtocols = self.originalNegotiationPDU.requestedProtocols self.securitySettings.serverSecurityReceived(security) self.serverData = ServerDataPDU(serverData.core, security, serverData.network) rdpParser = ServerConnectionParser() gccParser = GCCParser() gcc = self.client.conferenceCreateResponse gcc = GCCConferenceCreateResponsePDU(gcc.nodeID, gcc.tag, gcc.result, rdpParser.write(self.serverData)) pdu = MCSConnectResponsePDU(pdu.result, pdu.calledConnectID, pdu.domainParams, gccParser.write(gcc)) self.mcs.send(pdu)