Beispiel #1
        /// <summary>
        /// Builds and sends the client MCS Attach User Request PDU.
        /// </summary>
        /// <remarks>
        /// The payload is a single byte: the <c>AURQ</c> constant shifted left by two
        /// bits. No other fields are written before the packet is handed to
        /// <c>IsoLayer.SendTPKT</c>.
        /// </remarks>
        private static void send_AttachUserRequest()
        {
            RdpPacket request = new RdpPacket();

            // The PDU type occupies the upper six bits of the first byte.
            byte choiceByte = (byte)(AURQ << 2);
            request.WriteByte(choiceByte);

            IsoLayer.SendTPKT(request);
        }
Beispiel #2
        /// <summary>
        /// Builds and sends the client MCS Channel Join Request PDU for one channel.
        /// </summary>
        /// <param name="channelId">
        /// Channel to join. The value is cast to <c>short</c> before it is written,
        /// so only its low 16 bits reach the wire.
        /// </param>
        private static void send_ChannelJoinRequest(int channelId)
        {
            RdpPacket request = new RdpPacket();

            // First byte: PDU type in the upper six bits.
            request.WriteByte((byte)(CJRQ << 2));

            // Initiator (the user id stored in McsUserID) followed by the channel id,
            // both as big-endian 16-bit values.
            short initiator = (short)McsUserID;
            request.WriteBigEndian16(initiator);

            short channel = (short)channelId;
            request.WriteBigEndian16(channel);

            IsoLayer.SendTPKT(request);
        }
Beispiel #3
        /// <summary>
        /// Sends the client Synchronize PDU (<c>PDUTYPE2_SYNCHRONIZE</c>).
        /// </summary>
        /// <remarks>
        /// The body is two little-endian 16-bit values, 1 and 0x3ea. Presumably these
        /// are the message type and the target user id; the constants are not named
        /// in this file. The <c>SEC_ENCRYPT</c> flag is passed only when
        /// <c>Secure.RDPEncrypted()</c> returns true.
        /// </remarks>
        private static void sendSynchronize()
        {
            short messageType = 1;
            short targetUser  = 0x3ea;

            RdpPacket packet = new RdpPacket();
            packet.WriteLittleEndian16(messageType);
            packet.WriteLittleEndian16(targetUser);

            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
            IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_SYNCHRONIZE, securityFlags);
        }
Beispiel #4
        /// <summary>
        /// Builds and sends the client MCS Erect Domain Request PDU.
        /// </summary>
        /// <remarks>
        /// After the type byte (<c>EDRQ</c> shifted left by two) the packet carries
        /// two big-endian 16-bit fields, each written as 1. Presumably these are the
        /// sub-height and sub-interval fields; the code does not name them.
        /// </remarks>
        private static void send_ErectDomainRequest()
        {
            RdpPacket request = new RdpPacket();

            request.WriteByte((byte)(EDRQ << 2));

            // Two identical 16-bit fields, both fixed at 1.
            for (int field = 0; field < 2; field++)
            {
                request.WriteBigEndian16((short)1);
            }

            IsoLayer.SendTPKT(request);
        }
Beispiel #5
        /// <summary>
        /// Sends a client Control PDU (<c>PDUTYPE2_CONTROL</c>) carrying the given action.
        /// </summary>
        /// <param name="action">
        /// Control action code. It is cast to <c>short</c>, so only the low 16 bits are sent.
        /// </param>
        /// <remarks>
        /// The action is followed by a zero 16-bit field and a zero 32-bit field
        /// (presumably the grant id and control id). The <c>SEC_ENCRYPT</c> flag is
        /// passed only when <c>Secure.RDPEncrypted()</c> returns true.
        /// </remarks>
        private static void sendControl(int action)
        {
            RdpPacket packet = new RdpPacket();

            short actionField = (short)action;
            packet.WriteLittleEndian16(actionField);
            packet.WriteLittleEndian16((short)0);
            packet.WriteLittleEndian32(0);

            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
            IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_CONTROL, securityFlags);
        }
Beispiel #6
        /// <summary>
        /// Sends the client Font List PDU (<c>PDUTYPE2_FONTLIST</c>) with fixed contents.
        /// </summary>
        /// <remarks>
        /// Four little-endian 16-bit values are written: 0, 0, 3 and 50. Presumably
        /// these are the font count, total font count, list flags and entry size; the
        /// code does not name them. The <c>SEC_ENCRYPT</c> flag is passed only when
        /// <c>Secure.RDPEncrypted()</c> returns true.
        /// </remarks>
        private static void sendFontList()
        {
            short[] fields = new short[] { 0, 0, 3, 50 };

            RdpPacket packet = new RdpPacket();
            foreach (short field in fields)
            {
                packet.WriteLittleEndian16(field);
            }

            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
            IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_FONTLIST, securityFlags);
        }
Beispiel #7
        /// <summary>
        /// Tells the server the session is ending: sends a Shutdown Request PDU,
        /// then an MCS packet whose type byte is built from <c>DPUM</c>.
        /// </summary>
        /// <remarks>
        /// Neither send waits for a reply here, and the transport is not closed by
        /// this method. The Shutdown Request body (1, 0x3ea) and the trailing byte 3
        /// of the second packet are hard-coded; NOTE(review): the meaning of the
        /// value 3 is not visible in this file. Confirm it against the MCS constants.
        /// </remarks>
        public static void Disconnect()
        {
            // Step 1: share-level shutdown request, encrypted when RDP security is active.
            RdpPacket shutdownRequest = new RdpPacket();
            shutdownRequest.WriteLittleEndian16((short)1);
            shutdownRequest.WriteLittleEndian16((short)0x3ea);

            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
            IsoLayer.SendPDU(shutdownRequest, IsoLayer.PDUType2.PDUTYPE2_SHUTDOWN_REQUEST, securityFlags);

            // Step 2: MCS-level packet sent directly as a TPKT.
            RdpPacket mcsDisconnect = new RdpPacket();
            mcsDisconnect.WriteByte((byte)(DPUM << 2));
            mcsDisconnect.WriteByte(3);

            IsoLayer.SendTPKT(mcsDisconnect);
        }
        /// <summary>
        /// Sends <paramref name="data"/> on this channel, split into chunks of at most
        /// 1600 bytes. Each chunk is prefixed with the total length and its chunk flags.
        /// </summary>
        /// <param name="data">
        /// Payload to send. Its position is reset to 0 and it is read from the start.
        /// </param>
        /// <remarks>
        /// Every chunk header holds the full payload length (32-bit little-endian)
        /// and a flag word. The first chunk carries <c>CHANNEL_FLAG_FIRST</c>, the
        /// final one <c>CHANNEL_FLAG_LAST</c>, and all carry
        /// <c>CHANNEL_FLAG_SHOW_PROTOCOL</c>. <c>data.Length</c> is narrowed to
        /// <c>int</c>, and the return value of <c>data.Read</c> is not checked.
        /// NOTE(review): confirm <c>Read</c> always fills the requested count for
        /// this packet type.
        /// </remarks>
        private void send(RdpPacket data)
        {
            data.Position = 0L;

            int totalLength = (int)data.Length;
            int chunkSize   = Math.Min(totalLength, 1600);
            int remaining   = totalLength - chunkSize;

            // First (possibly only) chunk.
            RdpPacket firstChunk = new RdpPacket();
            firstChunk.WriteLittleEndian32((int)totalLength);

            if (remaining == 0)
            {
                // Everything fits in one chunk: mark it as both first and last.
                firstChunk.WriteLittleEndian32((int)(CHANNEL_FLAG.CHANNEL_FLAG_FIRST | CHANNEL_FLAG.CHANNEL_FLAG_LAST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL));
                firstChunk.copyToByteArray(data);
            }
            else
            {
                firstChunk.WriteLittleEndian32((int)(CHANNEL_FLAG.CHANNEL_FLAG_FIRST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL));
                byte[] head = new byte[chunkSize];
                data.Read(head, 0, chunkSize);
                firstChunk.Write(head, 0, chunkSize);
            }

            IsoLayer.SendToCannel(firstChunk, Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0, this.ChannelID);

            // Continuation chunks, if any.
            while (remaining > 0)
            {
                chunkSize  = Math.Min(remaining, 1600);
                remaining -= chunkSize;

                RdpPacket chunk = new RdpPacket();
                chunk.WriteLittleEndian32((int)totalLength);

                int chunkFlags = (remaining == 0)
                    ? (int)(CHANNEL_FLAG.CHANNEL_FLAG_LAST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL)
                    : (int)(CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL);
                chunk.WriteLittleEndian32(chunkFlags);

                byte[] body = new byte[chunkSize];
                data.Read(body, 0, chunkSize);
                chunk.Write(body, 0, chunkSize);

                IsoLayer.SendToCannel(chunk, Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0, this.ChannelID);
            }
        }
Beispiel #9
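        /// <summary>
        /// Builds and sends the client X.224 Connection Request PDU: TPKT header,
        /// X.224 header, a routing token or cookie line, and the RDP Negotiation Request.
        /// </summary>
        /// <param name="NegotiationFlags">
        /// Security protocols offered to the server. Written unchanged as the 32-bit
        /// little-endian protocol field of the negotiation request.
        /// </param>
        /// <param name="loadBalanceToken">
        /// Optional routing token, written verbatim and followed by CR LF. When
        /// <c>null</c>, a <c>Cookie: mstshash=</c> line is sent instead, built from the
        /// first nine characters of <c>Options.DomainAndUsername</c>.
        /// </param>
        /// <exception cref="System.ArgumentException">
        /// The finished PDU is too long for the single-byte X.224 length indicator.
        /// </exception>
        /// <remarks>
        /// Security: this packet is handed straight to <c>IsoLayer.Write</c>.
        /// NOTE(review): it presumably precedes any TLS or CredSSP handshake, in which
        /// case the cookie (a prefix of the domain and user name) and the offered
        /// protocol list travel unprotected and unauthenticated. Treat the
        /// negotiation result as unauthenticated when deciding whether to fall back
        /// to a weaker protocol.
        /// </remarks>
        private static void sendConnectNegotiation(NegotiationProtocol NegotiationFlags, byte[] loadBalanceToken)
        {
            RdpPacket packet = new RdpPacket();

            // TPKT header: version 3, reserved 0, then a 16-bit length patched in below.
            packet.WriteByte(3);
            packet.WriteByte(0);
            long lengthFieldPosition = packet.Position;

            packet.WriteBigEndian16((short)0); // TPKT length placeholder
            packet.WriteByte(0);               // X.224 length indicator placeholder
            packet.WriteByte(0xe0);            // X.224 Connection Request code
            packet.WriteBigEndian16((short)0);
            packet.WriteBigEndian16((short)0);
            packet.WriteByte(0);

            if (loadBalanceToken != null)
            {
                packet.Write(loadBalanceToken, 0, loadBalanceToken.Length);
                packet.WriteString("\r\n", false);
            }
            else
            {
                // The cookie is only needed when there is no routing token, so the
                // user name is read here rather than unconditionally at method entry.
                string domainAndUsername = Options.DomainAndUsername;

                if (domainAndUsername.Length > 9)
                {
                    domainAndUsername = domainAndUsername.Substring(0, 9);
                }

                packet.WriteString("Cookie: mstshash=" + domainAndUsername + "\r\n", true);
            }

            // RDP Negotiation Request: type 0x01, flags 0, length 8, requested protocols.
            packet.WriteByte(0x01);
            packet.WriteByte(0);
            packet.WriteLittleEndian16((short)8);
            packet.WriteLittleEndian32((int)NegotiationFlags); // Standard RDP Security, TLS 1.0, CredSSP

            long totalLength = packet.Position;

            // The X.224 length indicator is one byte (total length minus 5). A long
            // routing token would otherwise be truncated silently by the byte cast
            // and produce a PDU whose headers disagree with its real size.
            if (totalLength - 5L > byte.MaxValue)
            {
                throw new System.ArgumentException(
                    "Load balance token is too long for an X.224 Connection Request PDU.",
                    "loadBalanceToken");
            }

            // Patch both length fields now that the final size is known.
            packet.Position = lengthFieldPosition;
            packet.WriteBigEndian16((short)totalLength);
            packet.WriteByte((byte)(totalLength - 5L));

            IsoLayer.Write(packet);
        }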
Beispiel #10
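        /// <summary>
        /// Handles the server Demand Active PDU. Records the share id, parses the
        /// server capabilities, then runs the client side of connection finalization:
        /// Confirm Active, Synchronize, two Control PDUs, optional persistent key
        /// list, an input sync event and the Font List.
        /// </summary>
        /// <param name="data">
        /// Received packet, positioned at the start of the Demand Active body.
        /// </param>
        /// <exception cref="System.IO.InvalidDataException">
        /// The source-descriptor length announced by the server is negative or
        /// points past the end of <paramref name="data"/>.
        /// </exception>
        /// <remarks>
        /// All fields read here come from the remote server and must be treated as
        /// untrusted. NOTE(review): <c>numCaps</c> is passed on unchecked. Confirm
        /// that <c>processServerCapabilities</c> bounds its own reads.
        /// </remarks>
        internal static void processDemandActive(RdpPacket data)
        {
            int num3;

            rdp_shareid = data.ReadLittleEndian32();
            int sourceDescriptorLength = data.ReadLittleEndian16();

            // Second 16-bit field is read and discarded.
            data.ReadLittleEndian16();

            // The length is server-controlled and is used to seek. Reject values
            // that would move the cursor backwards or outside the received packet.
            if (sourceDescriptorLength < 0 || data.Position + sourceDescriptorLength > data.Length)
            {
                throw new System.IO.InvalidDataException(
                    "Demand Active PDU: source descriptor length is out of range.");
            }

            data.Position += sourceDescriptorLength;
            int numCaps = data.ReadLittleEndian16();

            // Another 16-bit field is skipped before the capability sets.
            data.ReadLittleEndian16();
            processServerCapabilities(data, numCaps);

            // Client half of the finalization sequence. The order matters.
            sendConfirmActive();
            sendSynchronize();
            sendControl(4);
            sendControl(1);

            // Three server replies are consumed and their results ignored.
            // Presumably these answer the Synchronize and Control PDUs (TODO confirm).
            ISO.Secure_receive(out num3);
            ISO.Secure_receive(out num3);
            ISO.Secure_receive(out num3);

            // The persistent bitmap-cache key list is sent on first activation only.
            if (Options.persistentBmpCache && !m_bInitialised)
            {
                sendPersistKeyList();
            }

            List<Rdp.InputInfo> inputToSend = new List<Rdp.InputInfo>
            {
                new Rdp.InputInfo(0, Rdp.InputType.INPUT_EVENT_SYNC, 0, 0, 0)
            };

            // A call to Options.OnInitialise() on re-activation was disabled by the
            // original author and is intentionally not restored here.
            m_bInitialised = true;

            IsoLayer.FastSendInput(inputToSend);
            sendFontList();

            // One more server reply is consumed after the Font List.
            ISO.Secure_receive(out num3);
            resetOrderState();
        }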
Beispiel #11
        /// <summary>
        /// Sends the licensing authentication response: a fixed header, the 10-byte
        /// token, the 20-byte encrypted hardware id and a 16-byte signature.
        /// </summary>
        /// <param name="token">Buffer whose first 10 bytes are sent.</param>
        /// <param name="crypt_hwid">Buffer whose first 20 bytes are sent.</param>
        /// <param name="signature">Buffer whose first 16 bytes are sent.</param>
        /// <remarks>
        /// The sizes are hard-coded, and the buffers are not checked for
        /// <c>null</c> or length before use. NOTE(review): a short buffer is
        /// presumably rejected inside <c>RdpPacket.Write</c>. Confirm, or validate at
        /// the caller. The leading 32-bit value is 0x80 only, so this message is
        /// sent without the <c>SEC_ENCRYPT</c> flag. Presumably that matches how
        /// licensing packets are framed here (TODO confirm).
        /// </remarks>
        internal static void send_authresp(byte[] token, byte[] crypt_hwid, byte[] signature)
        {
            int headerFlags   = 0x80;
            int messageLength = 0x3a;

            RdpPacket packet = new RdpPacket();

            // Header: flags, message tag 0x15, version 2, total message length.
            packet.WriteLittleEndian32(headerFlags);
            packet.WriteByte(0x15);
            packet.WriteByte(2);
            packet.WriteLittleEndian16((short)messageLength);

            // Token blob: type 1, length 10, data.
            packet.WriteLittleEndian16((short)1);
            packet.WriteLittleEndian16((short)10);
            packet.Write(token, 0, 10);

            // Encrypted hardware-id blob: type 1, length 20, data.
            packet.WriteLittleEndian16((short)1);
            packet.WriteLittleEndian16((short)20);
            packet.Write(crypt_hwid, 0, 20);

            // Signature over the response, 16 bytes, no blob header.
            packet.Write(signature, 0, 0x10);

            IsoLayer.SendMCS(packet, MCS.MSC_GLOBAL_CHANNEL);
        }
Beispiel #12
        /// <summary>
        /// Sends a Suppress Output PDU that tells the server to resume or stop
        /// display updates. Does nothing when
        /// <c>Options.suppress_output_supported</c> is false.
        /// </summary>
        /// <param name="bAllowDisplayUpdates">
        /// <c>true</c> to allow updates (the desktop rectangle 0,0 to
        /// <c>Options.width</c>, <c>Options.height</c> is appended);
        /// <c>false</c> to suppress them (no rectangle is sent).
        /// </param>
        private static void sendSupressOutput(bool bAllowDisplayUpdates)
        {
            if (!Options.suppress_output_supported)
            {
                return;
            }

            RdpPacket packet = new RdpPacket();

            // One flag byte followed by three zero padding bytes.
            byte allowFlag = bAllowDisplayUpdates ? ((byte)1) : ((byte)0);
            packet.WriteByte(allowFlag);
            for (int pad = 0; pad < 3; pad++)
            {
                packet.WriteByte(0);
            }

            if (bAllowDisplayUpdates)
            {
                // Rectangle as four 16-bit values: two zeros, then width and height.
                packet.WriteLittleEndian16((short)0);
                packet.WriteLittleEndian16((short)0);
                packet.WriteLittleEndian16((ushort)Options.width);
                packet.WriteLittleEndian16((ushort)Options.height);
            }

            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
            IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_SUPPRESS_OUTPUT, securityFlags);
        }
Beispiel #13
        /// <summary>
        /// Sends the licensing request: fixed header, 32-byte client random, the
        /// RSA-encrypted blob, and optional NUL-terminated user-name and host-name blobs.
        /// </summary>
        /// <param name="client_random">Buffer whose first 32 bytes are sent.</param>
        /// <param name="rsa_data">Buffer whose first <c>Secure.modulus_size</c> bytes are sent.</param>
        /// <param name="username">User name bytes. An empty array produces a zero-length blob.</param>
        /// <param name="host">Host name bytes. An empty array produces a zero-length blob.</param>
        /// <remarks>
        /// NOTE(review): the message length is computed from a fixed 0x80 base, but
        /// the encrypted blob is written with <c>Secure.modulus_size</c> bytes. The
        /// two agree only when that size is 64. Confirm it cannot differ here.
        /// All length fields are narrowed to <c>short</c>, and none of the input
        /// buffers are checked for <c>null</c> or minimum length. The header
        /// carries 0x80 only, not <c>SEC_ENCRYPT</c>, so the user and host names are
        /// presumably not RDP-encrypted in this message (TODO confirm what
        /// <c>IsoLayer.SendMCS</c> does).
        /// </remarks>
        internal static void send_request(byte[] client_random, byte[] rsa_data, byte[] username, byte[] host)
        {
            int headerFlags = 0x80;

            // Blob lengths include the trailing NUL, or are 0 when the name is empty.
            int userBlobLength = (username.Length == 0) ? 0 : (username.Length + 1);
            int hostBlobLength = (host.Length == 0) ? 0 : (host.Length + 1);
            int messageLength  = (0x80 + userBlobLength) + hostBlobLength;

            RdpPacket packet = new RdpPacket();

            // Header: flags, message tag 0x13, version 2, total message length.
            packet.WriteLittleEndian32(headerFlags);
            packet.WriteByte(0x13);
            packet.WriteByte(2);
            packet.WriteLittleEndian16((short)messageLength);

            // Two fixed 32-bit fields, then the client random.
            packet.WriteLittleEndian32(1);
            packet.WriteLittleEndianU32(0xff010000);
            packet.Write(client_random, 0, 0x20);

            // Encrypted blob: type 0, length = modulus size + 8, data, 8 skipped bytes.
            packet.WriteLittleEndian16((short)0);
            packet.WriteLittleEndian16((short)(Secure.modulus_size + 8));
            packet.Write(rsa_data, 0, Secure.modulus_size);
            packet.Position += 8L;

            // User-name blob (type 15).
            packet.WriteLittleEndian16((short)15);
            packet.WriteLittleEndian16((short)userBlobLength);
            if (userBlobLength != 0)
            {
                packet.Write(username, 0, userBlobLength - 1);
                packet.WriteByte(0);
            }

            // Host-name blob (type 0x10).
            packet.WriteLittleEndian16((short)0x10);
            packet.WriteLittleEndian16((short)hostBlobLength);
            if (hostBlobLength != 0)
            {
                packet.Write(host, 0, hostBlobLength - 1);
                packet.WriteByte(0);
            }

            IsoLayer.SendMCS(packet, MCS.MSC_GLOBAL_CHANNEL);
        }
Beispiel #14
        /// <summary>
        /// Builds and sends the client Confirm Active PDU: share header, source
        /// descriptor, then thirteen capability sets written by the
        /// <c>send*Caps</c> helpers.
        /// </summary>
        /// <remarks>
        /// The combined capability length is hard-coded to 390 and the capability
        /// count to 13. NOTE(review): both must match what the thirteen helpers
        /// really write. Re-check them whenever a capability set changes, or the
        /// length fields will disagree with the body sent to the server.
        /// </remarks>
        private static void sendConfirmActive()
        {
            int capabilitiesLength = 390;
            int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;

            RdpPacket data = new RdpPacket();

            // Share control header: total length, PDU type 0x13, source channel.
            data.WriteLittleEndian16((short)((0x10 + capabilitiesLength) + RDP_SOURCE.Length));
            data.WriteLittleEndian16((short)0x13);
            data.WriteLittleEndian16((short)(MCS.McsUserID + 0x3e9));

            // Share id received in Demand Active, a fixed 0x3ea field, and the
            // two length fields that precede the source descriptor.
            data.WriteLittleEndian32(rdp_shareid);
            data.WriteLittleEndian16((short)0x3ea);
            data.WriteLittleEndian16((short)RDP_SOURCE.Length);
            data.WriteLittleEndian16((short)capabilitiesLength);
            data.Write(RDP_SOURCE, 0, RDP_SOURCE.Length);

            // Number of capability sets, then two skipped bytes.
            data.WriteLittleEndian16((short)13);
            data.Position += 2L;

            // Capability sets, in the order they appear on the wire.
            sendGeneralCaps(data);
            sendBitmapCaps(data);
            sendOrderCaps(data);
            sendBitmapcacheCaps(data);
            sendColorcacheCaps(data);
            sendActivateCaps(data);
            sendControlCaps(data);
            sendPointerCaps(data);
            sendShareCaps(data);
            sendInputCaps(data);
            sendSoundCaps(data);
            sendFontCaps(data);
            sendGlyphCacheCaps(data);

            IsoLayer.SendToGlobalChannel(data, securityFlags);
        }
Beispiel #15
        /// <summary>
        /// Sends the persistent bitmap-cache key list to the server, in as many
        /// <c>PDUTYPE2_BITMAPCACHE_PERSISTENT_LIST</c> PDUs as needed (up to 0xff
        /// keys requested per PDU).
        /// </summary>
        /// <remarks>
        /// Each PDU carries five per-PDU entry counts, five total counts, a flag
        /// byte (bit 0 set on the first PDU, bit 1 set when no more keys follow),
        /// three zero bytes, and the 8-byte keys. The loop runs until the
        /// per-cache counts sent so far reach the totals reported by
        /// <c>Cache.TotalBitmapCache</c>. NOTE(review): if
        /// <c>Cache.GetBitmapCache</c> ever returns zero counts while totals remain
        /// outstanding, the loop makes no progress. Confirm the cache cannot change
        /// between the two calls.
        /// </remarks>
        private static void sendPersistKeyList()
        {
            int total0 = 0, total1 = 0, total2 = 0, total3 = 0, total4 = 0;
            int sent0  = 0, sent1  = 0, sent2  = 0, sent3  = 0, sent4  = 0;

            Cache.TotalBitmapCache(out total0, out total1, out total2, out total3, out total4);
            int offset = 0;

            while (sent0 < total0 || sent1 < total1 || sent2 < total2 || sent3 < total3 || sent4 < total4)
            {
                int  count0 = 0, count1 = 0, count2 = 0, count3 = 0, count4 = 0;
                bool bMoreKeys = false;

                List<ulong> keys = Cache.GetBitmapCache(offset, 0xff, out count0, out count1, out count2, out count3, out count4, out bMoreKeys);
                RdpPacket packet = new RdpPacket();

                // Entries contained in this PDU, per cache.
                packet.WriteLittleEndian16((ushort)count0);
                packet.WriteLittleEndian16((ushort)count1);
                packet.WriteLittleEndian16((ushort)count2);
                packet.WriteLittleEndian16((ushort)count3);
                packet.WriteLittleEndian16((ushort)count4);

                // Total entries across all PDUs, per cache.
                packet.WriteLittleEndian16((ushort)total0);
                packet.WriteLittleEndian16((ushort)total1);
                packet.WriteLittleEndian16((ushort)total2);
                packet.WriteLittleEndian16((ushort)total3);
                packet.WriteLittleEndian16((ushort)total4);

                // Bit 0: first PDU of the list. Bit 1: last PDU of the list.
                byte listFlags = (byte)((offset == 0 ? 1 : 0) | (bMoreKeys ? 0 : 2));
                packet.WriteByte(listFlags);
                packet.WriteByte(0);
                packet.WriteLittleEndian16((short)0);

                foreach (ulong key in keys)
                {
                    packet.Write(BitConverter.GetBytes(key), 0, 8);
                }

                int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
                IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_BITMAPCACHE_PERSISTENT_LIST, securityFlags);

                offset += keys.Count;
                sent0  += count0;
                sent1  += count1;
                sent2  += count2;
                sent3  += count3;
                sent4  += count4;
            }
        }
Beispiel #16
        // Input
        /// <summary>
        /// Input pump. Until <c>m_bHalt</c> is set, every 60 ms it sends the queued
        /// input events that are older than 80 ms and removes them from
        /// <c>m_InputCache</c>.
        /// </summary>
        /// <remarks>
        /// When more than 30 seconds have passed since <c>m_KeepAliveTimer</c>, a
        /// 32x32 refresh-rectangle request is sent as a keep-alive.
        /// NOTE(review): this method never advances <c>m_KeepAliveTimer</c> after
        /// sending. Unless another code path resets it, the refresh fires on every
        /// iteration once the threshold is crossed. The refresh is also sent while
        /// the <c>m_InputCache</c> lock is held, so a slow network write blocks
        /// producers. <c>SocketAbortException</c> and <c>ThreadAbortException</c>
        /// end the loop silently. Any other exception is reported once through
        /// <c>Options.OnError</c>.
        /// </remarks>
        internal static void inputloop()
        {
            m_bHalt = false;
            m_bExceptionReported = false;
            m_InputCache.Clear();
            m_KeepAliveTimer = DateTime.Now;

            try
            {
                List<InputInfo> dueEvents = new List<InputInfo>();

                while (!m_bHalt)
                {
                    lock (m_InputCache)
                    {
                        dueEvents.Clear();
                        DateTime now = DateTime.Now;

                        // Pick the events that have waited longer than 80 ms.
                        foreach (InputInfo queued in m_InputCache)
                        {
                            TimeSpan age = (TimeSpan)(now - queued.TimeStamp);

                            if (age.TotalMilliseconds > 80)
                            {
                                dueEvents.Add(queued);
                            }
                        }

                        // Keep-alive: ask for a small screen refresh after 30 s.
                        TimeSpan sinceKeepAlive = (TimeSpan)(DateTime.Now - m_KeepAliveTimer);

                        if (sinceKeepAlive.TotalSeconds > 30)
                        {
                            IsoLayer.RefreshRect(new Rectangle[] { new Rectangle(0, 0, 0x20, 0x20) });
                        }

                        // Drop the selected events from the shared queue. Removal is
                        // done after enumeration so the queue is not modified while
                        // it is being iterated.
                        foreach (InputInfo due in dueEvents)
                        {
                            m_InputCache.Remove(due);
                        }
                    }

                    if (dueEvents.Count > 0)
                    {
                        IsoLayer.FastSendInput(dueEvents);
                    }

                    Thread.Sleep(60);
                }
            }
            catch (EndOfTransmissionException)
            {
                // The peer ended the session: notify the owner.
                Options.OnClosed();
            }
            catch (SocketAbortException)
            {
                // Deliberately ignored: the loop simply ends.
            }
            catch (ThreadAbortException)
            {
                // Deliberately ignored here.
            }
            catch (Exception exception)
            {
                // Report only the first unexpected failure.
                if (!m_bExceptionReported)
                {
                    m_bExceptionReported = true;
                    Options.OnError(exception);
                }
            }
        }
Beispiel #17
        /// <summary>
        /// Runs the client side of connection setup: security-protocol negotiation
        /// (with optional TLS and CredSSP), the MCS connect sequence, channel joins,
        /// optional RDP key exchange, and finally the Client Info PDU with the
        /// login credentials.
        /// </summary>
        /// <param name="loadBalanceToken">
        /// Routing token forwarded to <c>sendConnectNegotiation</c>; may be <c>null</c>.
        /// </param>
        /// <param name="bAutoReconnect">
        /// Forwarded to <c>getLoginInfo</c> when the Client Info PDU is built.
        /// </param>
        /// <remarks>
        /// Security review notes (the negotiation response is read before any
        /// authenticated channel exists, so its content is attacker-influenceable on
        /// an untrusted network):
        /// 1. With <c>Options.enableNLA</c> set, a <c>Main.SecureValue3</c> result
        ///    makes the client reconnect and offer <c>PROTOCOL_RDP</c> only. The
        ///    session is silently lowered from TLS/CredSSP to legacy RDP security.
        /// 2. In the same branch, a result with neither bit 1 nor bit 2 set skips
        ///    both <c>ConnectSSL</c> and <c>CredSSP.Negotiate</c>, and setup continues.
        /// 3. Certificate validation is not visible here. Confirm that
        ///    <c>Network.ConnectSSL</c> verifies the server certificate.
        /// Consider making the fallbacks in 1 and 2 opt-in, and surfacing the
        /// negotiated protocol to the user before credentials are sent.
        /// </remarks>
        internal static void sendСonnectionRequest(byte[] loadBalanceToken, bool bAutoReconnect)
        {
            // Result of the security negotiation; later passed to sendMcsData.
            int num;

            // Reset the counters kept in Secure before a new connection starts.
            Secure.dec_count        = 0;
            Secure.enc_count        = 0;
            Network.ConnectionStage = Network.eConnectionStage.Negotiating;

            if (Options.enableNLA)
            {
                // Client X.224 Connection Request PDU: offer standard RDP, TLS and CredSSP
                sendConnectNegotiation(
                    NegotiationProtocol.PROTOCOL_RDP |
                    NegotiationProtocol.PROTOCOL_SSL |
                    NegotiationProtocol.PROTOCOL_HYBRID,
                    loadBalanceToken);

                // Server X.224 Connection Confirm PDU
                num = receiveConnectNegotiation();

                if (num == Main.SecureValue3) // SSL connection is prohibited by the server settings
                {
                    // NOTE(review): downgrade path. The failure indication is
                    // unauthenticated, yet it causes a reconnect that offers
                    // standard RDP security only, even though NLA was requested.
                    Network.Close();
                    Network.Connect(Options.Host, Options.Port);

                    // Client X.224 Connection Request PDU
                    sendConnectNegotiation(NegotiationProtocol.PROTOCOL_RDP, loadBalanceToken);

                    // Server X.224 Connection Confirm PDU
                    num = receiveConnectNegotiation();

                    if (num != 0)
                    {
                        throw new RDFatalException("Security negotiation failed!");
                    }
                }
                else // SSL connection is allowed
                {
                    // Bits 1 and 2 presumably correspond to PROTOCOL_SSL and
                    // PROTOCOL_HYBRID (enum values not shown here); either one
                    // triggers the TLS handshake.
                    if (((num & 1) != 0) || ((num & 2) != 0))
                    {
                        Network.ConnectionStage = Network.eConnectionStage.Securing;
                        Network.ConnectSSL();
                    }

                    // CredSSP runs over the TLS channel and is given the server's
                    // TLS public key.
                    if ((num & 2) != 0)
                    {
                        Network.ConnectionStage = Network.eConnectionStage.Authenticating;
                        CredSSP.Negotiate(Network.GetSSLPublicKey());
                    }

                    // NOTE(review): when num has neither bit set, nothing above runs
                    // and the connection proceeds without TLS or CredSSP.
                }
            }
            else
            {
                // Client X.224 Connection Request PDU
                sendConnectNegotiation(NegotiationProtocol.PROTOCOL_RDP, loadBalanceToken);

                // Server X.224 Connection Confirm PDU
                num = receiveConnectNegotiation();

                if (num != 0)
                {
                    throw new RDFatalException("Security negotiation failed!");
                }
            }

            Network.ConnectionStage = Network.eConnectionStage.Establishing;

            // Client MCS Connect Initial PDU
            IsoLayer.SendTPKT(sendConnectInitial(sendMcsData(true, Channels.RegisteredChannels.Count, num)));

            // Server MCS Connect Response PDU with GCC Conference Create Response
            receiveConnectResponse();

            // Client MCS Erect Domain Request PDU
            send_ErectDomainRequest();

            // Client MCS Attach User Request PDU
            send_AttachUserRequest();

            // Server MCS Attach User Confirm PDU
            McsUserID = receive_AttachUserConfirm();

            // Open User channel
            send_ChannelJoinRequest(McsUserID + MCS_USERCHANNEL_BASE); // Client MCS Channel Join Request PDU
            receive_ChannelJoinConfirm();                              // Server MCS Channel Join Confirm PDU

            // Open Global channel
            send_ChannelJoinRequest(MSC_GLOBAL_CHANNEL);
            receive_ChannelJoinConfirm();

            // Open the other registered channels, but only those the server reported as supported
            foreach (var channel in Channels.RegisteredChannels)
            {
                if (serverSupportedChannels.Contains(channel.ChannelID))
                {
                    send_ChannelJoinRequest(channel.ChannelID);
                    receive_ChannelJoinConfirm();
                    Debug.WriteLine("Client open over channel: " + channel.ChannelID.ToString());
                }
            }

            // Security-header flags for the Client Info PDU; 0x40 is always set.
            int num2 = 0x40;

            if (Secure.RDPEncrypted())
            {
                // Standard RDP security: send the key-exchange packet first, then
                // mark the Client Info PDU as encrypted (flag 8).
                Network.ConnectionStage = Network.eConnectionStage.SecureAndLogin;
                RdpPacket packet = Secure.establishKey();
                packet.Position = 0L;
                IsoLayer.SendMCS(packet, MSC_GLOBAL_CHANNEL);
                num2 |= 8;
            }
            else
            {
                // NOTE(review): no RDP-layer encryption flag on this path. The
                // credentials below are then presumably protected only by the TLS
                // channel established above; confirm that one is always present here.
                Network.ConnectionStage = Network.eConnectionStage.Login;
            }

            // Client Info PDU: carries Options.Domain, Options.Username and Options.Password
            IsoLayer.SendToGlobalChannel(getLoginInfo(Options.Domain, Options.Username, Options.Password, "", "", bAutoReconnect), num2);
        }