コード例 #1
0
    def __init__(self,
                 mainLogger: SessionLogger,
                 crawlerLogger: SessionLogger,
                 config: MITMConfig,
                 state: RDPMITMState = None,
                 recorder: Recorder = None):
        """
        :param log: base logger to use for the connection
        :param config: the MITM configuration
        """

        self.log = mainLogger
        """Base logger for the connection"""

        self.clientLog = mainLogger.createChild("client")
        """Base logger for the client side"""

        self.serverLog = mainLogger.createChild("server")
        """Base logger for the server side"""

        self.attackerLog = mainLogger.createChild("attacker")
        """Base logger for the attacker side"""

        self.rc4Log = mainLogger.createChild("rc4")
        """Logger for RC4 secrets"""

        self.config = config
        """The MITM configuration"""

        self.statCounter = StatCounter()
        """Class to keep track of connection-related statistics such as # of mouse events, # of output events, etc."""

        self.state = state if state is not None else RDPMITMState(self.config)
        """The MITM state"""

        self.client = RDPLayerSet()
        """Layers on the client side"""

        self.server = RDPLayerSet()
        """Layers on the server side"""

        self.player = TwistedPlayerLayerSet()
        """Layers on the attacker side"""

        self.recorder = recorder if recorder is not None else MITMRecorder(
            [], self.state)
        """Recorder for this connection"""

        self.channelMITMs = {}
        """MITM components for virtual channels"""

        serverConnector = self.connectToServer()
        self.tcp = TCPMITM(self.client.tcp, self.server.tcp, self.player.tcp,
                           self.getLog("tcp"), self.state, self.recorder,
                           serverConnector, self.statCounter)
        """TCP MITM component"""

        self.x224 = X224MITM(self.client.x224, self.server.x224,
                             self.getLog("x224"), self.state, serverConnector,
                             self.startTLS)
        """X224 MITM component"""

        self.mcs = MCSMITM(self.client.mcs, self.server.mcs,
                           self.state, self.recorder, self.buildChannel,
                           self.getLog("mcs"), self.statCounter)
        """MCS MITM component"""

        self.security: SecurityMITM = None
        """Security MITM component"""

        self.slowPath = SlowPathMITM(self.client.slowPath,
                                     self.server.slowPath, self.state,
                                     self.statCounter)
        """Slow-path MITM component"""

        self.fastPath: FastPathMITM = None
        """Fast-path MITM component"""

        self.attacker: AttackerMITM = None

        self.crawler: FileCrawlerMITM = None

        self.client.x224.addObserver(X224Logger(self.getClientLog("x224")))
        self.client.mcs.addObserver(MCSLogger(self.getClientLog("mcs")))
        self.client.slowPath.addObserver(
            SlowPathLogger(self.getClientLog("slowpath")))
        self.client.slowPath.addObserver(
            RecordingSlowPathObserver(self.recorder))

        self.server.x224.addObserver(X224Logger(self.getServerLog("x224")))
        self.server.mcs.addObserver(MCSLogger(self.getServerLog("mcs")))
        self.server.slowPath.addObserver(
            SlowPathLogger(self.getServerLog("slowpath")))
        self.server.slowPath.addObserver(
            RecordingSlowPathObserver(self.recorder))

        self.player.player.addObserver(LayerLogger(self.attackerLog))

        self.ensureOutDir()

        if config.certificateFileName is None:
            self.certs: CertificateCache = CertificateCache(
                self.config.certDir, mainLogger.createChild("cert"))
        else:
            self.certs = None

        self.state.securitySettings.addObserver(RC4LoggingObserver(
            self.rc4Log))

        if config.recordReplays:
            date = datetime.datetime.now()
            replayFileName = "rdp_replay_{}_{}_{}.pyrdp"\
                    .format(date.strftime('%Y%m%d_%H-%M-%S'),
                            date.microsecond // 1000,
                            self.log.sessionID)
            self.recorder.setRecordFilename(replayFileName)
            self.recorder.addTransport(
                FileLayer(self.config.replayDir / replayFileName))

        if config.enableCrawler:
            self.crawler: FileCrawlerMITM = FileCrawlerMITM(
                self.getClientLog(
                    MCSChannelName.DEVICE_REDIRECTION).createChild("crawler"),
                crawlerLogger, self.config, self.state)
コード例 #2
0
ファイル: RDPMITM.py プロジェクト: marciopocebon/pyrdp
    def __init__(self, log: SessionLogger, config: MITMConfig):
        """
        :param log: base logger to use for the connection
        :param config: the MITM configuration
        """

        self.log = log
        """Base logger for the connection"""

        self.clientLog = log.createChild("client")
        """Base logger for the client side"""

        self.serverLog = log.createChild("server")
        """Base logger for the server side"""

        self.attackerLog = log.createChild("attacker")
        """Base logger for the attacker side"""

        self.rc4Log = log.createChild("rc4")
        """Logger for RC4 secrets"""

        self.config = config
        """The MITM configuration"""

        self.statCounter = StatCounter()
        """Class to keep track of connection-related statistics such as # of mouse events, # of output events, etc."""

        self.state = RDPMITMState()
        """The MITM state"""

        self.client = RDPLayerSet()
        """Layers on the client side"""

        self.server = RDPLayerSet()
        """Layers on the server side"""

        self.player = TwistedPlayerLayerSet()
        """Layers on the attacker side"""

        self.recorder = MITMRecorder([], self.state)
        """Recorder for this connection"""

        self.channelMITMs = {}
        """MITM components for virtual channels"""

        serverConnector = self.connectToServer()
        self.tcp = TCPMITM(self.client.tcp, self.server.tcp, self.player.tcp,
                           self.getLog("tcp"), self.state, self.recorder,
                           serverConnector, self.statCounter)
        """TCP MITM component"""

        self.x224 = X224MITM(self.client.x224, self.server.x224,
                             self.getLog("x224"), self.state, serverConnector,
                             self.startTLS)
        """X224 MITM component"""

        self.mcs = MCSMITM(self.client.mcs, self.server.mcs,
                           self.state, self.recorder, self.buildChannel,
                           self.getLog("mcs"), self.statCounter)
        """MCS MITM component"""

        self.security: SecurityMITM = None
        """Security MITM component"""

        self.slowPath = SlowPathMITM(self.client.slowPath,
                                     self.server.slowPath, self.state,
                                     self.statCounter)
        """Slow-path MITM component"""

        self.fastPath: FastPathMITM = None
        """Fast-path MITM component"""

        self.attacker: AttackerMITM = None

        self.client.x224.addObserver(X224Logger(self.getClientLog("x224")))
        self.client.mcs.addObserver(MCSLogger(self.getClientLog("mcs")))
        self.client.slowPath.addObserver(
            SlowPathLogger(self.getClientLog("slowpath")))
        self.client.slowPath.addObserver(
            RecordingSlowPathObserver(self.recorder))

        self.server.x224.addObserver(X224Logger(self.getServerLog("x224")))
        self.server.mcs.addObserver(MCSLogger(self.getServerLog("mcs")))
        self.server.slowPath.addObserver(
            SlowPathLogger(self.getServerLog("slowpath")))
        self.server.slowPath.addObserver(
            RecordingSlowPathObserver(self.recorder))

        self.player.player.addObserver(LayerLogger(self.attackerLog))

        self.config.outDir.mkdir(parents=True, exist_ok=True)
        self.config.replayDir.mkdir(exist_ok=True)
        self.config.fileDir.mkdir(exist_ok=True)

        self.state.securitySettings.addObserver(RC4LoggingObserver(
            self.rc4Log))

        if config.recordReplays:
            date = datetime.datetime.now()
            replayFileName = "rdp_replay_{}_{}.pyrdp".format(
                date.strftime('%Y%m%d_%H-%M-%S'), date.microsecond // 1000)
            self.recorder.addTransport(
                FileLayer(self.config.replayDir / replayFileName))
コード例 #3
0
ファイル: test_X224MITM.py プロジェクト: ndbrain/pyrdp
 def setUp(self):
     self.mitm = X224MITM(Mock(), Mock(), Mock(), Mock(), Mock(), MagicMock())