/// <summary>
/// Client MCS Attach User Request PDU.
/// Emits a single byte, the AURQ code shifted left by two bits, as a TPKT.
/// </summary>
private static void send_AttachUserRequest()
{
    byte header = (byte)(AURQ << 2);

    RdpPacket request = new RdpPacket();
    request.WriteByte(header);

    IsoLayer.SendTPKT(request);
}
/// <summary>
/// Client MCS Channel Join Request PDU.
/// Writes the CJRQ code, the current MCS user id and the requested channel id, then sends it as a TPKT.
/// </summary>
/// <param name="channelId">Channel to join; written as a big-endian 16-bit value.</param>
private static void send_ChannelJoinRequest(int channelId)
{
    short initiator = (short)McsUserID;   // both ids are narrowed to 16 bits on the wire
    short channel = (short)channelId;

    RdpPacket request = new RdpPacket();
    request.WriteByte((byte)(CJRQ << 2));
    request.WriteBigEndian16(initiator);
    request.WriteBigEndian16(channel);

    IsoLayer.SendTPKT(request);
}
/// <summary>
/// Sends the client Synchronize PDU (PDUTYPE2_SYNCHRONIZE).
/// The body is two little-endian 16-bit values: 1 and 0x3ea.
/// </summary>
private static void sendSynchronize()
{
    RdpPacket pdu = new RdpPacket();
    pdu.WriteLittleEndian16((short)1);       // presumably messageType (SYNCMSGTYPE_SYNC) - confirm
    pdu.WriteLittleEndian16((short)0x3ea);   // presumably targetUser (1002) - confirm

    // SEC_ENCRYPT is requested only when standard RDP encryption is active.
    int securityFlags = 0;
    if (Secure.RDPEncrypted())
    {
        securityFlags = (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT);
    }

    IsoLayer.SendPDU(pdu, IsoLayer.PDUType2.PDUTYPE2_SYNCHRONIZE, securityFlags);
}
/// <summary>
/// Client MCS Erect Domain Request PDU.
/// Writes the EDRQ code followed by two big-endian 16-bit values of 1, then sends it as a TPKT.
/// </summary>
private static void send_ErectDomainRequest()
{
    const short One = 1;

    RdpPacket request = new RdpPacket();
    request.WriteByte((byte)(EDRQ << 2));
    request.WriteBigEndian16(One);   // presumably subHeight - confirm against the MCS encoding
    request.WriteBigEndian16(One);   // presumably subInterval - confirm against the MCS encoding

    IsoLayer.SendTPKT(request);
}
/// <summary>
/// Sends a client Control PDU (PDUTYPE2_CONTROL) carrying the given action.
/// </summary>
/// <param name="action">Action code, written as a little-endian 16-bit value.</param>
private static void sendControl(int action)
{
    RdpPacket pdu = new RdpPacket();
    pdu.WriteLittleEndian16((short)action);
    pdu.WriteLittleEndian16((short)0);   // presumably grantId - confirm
    pdu.WriteLittleEndian32(0);          // presumably controlId - confirm

    // SEC_ENCRYPT is requested only when standard RDP encryption is active.
    int securityFlags = 0;
    if (Secure.RDPEncrypted())
    {
        securityFlags = (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT);
    }

    IsoLayer.SendPDU(pdu, IsoLayer.PDUType2.PDUTYPE2_CONTROL, securityFlags);
}
/// <summary>
/// Sends the client Font List PDU (PDUTYPE2_FONTLIST).
/// The body is four little-endian 16-bit values: 0, 0, 3 and 50.
/// </summary>
private static void sendFontList()
{
    // Field names in the comments follow the usual Font List layout - confirm against the spec.
    short[] fields =
    {
        (short)0,    // numberFonts
        (short)0,    // totalNumFonts
        (short)3,    // listFlags
        (short)50    // entrySize
    };

    RdpPacket pdu = new RdpPacket();
    foreach (short field in fields)
    {
        pdu.WriteLittleEndian16(field);
    }

    int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
    IsoLayer.SendPDU(pdu, IsoLayer.PDUType2.PDUTYPE2_FONTLIST, securityFlags);
}
/// <summary>
/// Disconnect packet.
/// Sends a Shutdown Request PDU first, then a TPKT whose first byte is the DPUM code
/// shifted left by two bits, followed by the byte 3.
/// </summary>
public static void Disconnect()
{
    // Step 1: shutdown request on the share (encrypted only under standard RDP security).
    RdpPacket shutdown = new RdpPacket();
    shutdown.WriteLittleEndian16((short)1);
    shutdown.WriteLittleEndian16((short)0x3ea);

    int securityFlags = 0;
    if (Secure.RDPEncrypted())
    {
        securityFlags = (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT);
    }

    IsoLayer.SendPDU(shutdown, IsoLayer.PDUType2.PDUTYPE2_SHUTDOWN_REQUEST, securityFlags);

    // Step 2: MCS-level disconnect, sent without waiting for any reply to step 1.
    RdpPacket ultimatum = new RdpPacket();
    ultimatum.WriteByte((byte)(DPUM << 2));
    ultimatum.WriteByte(3);

    IsoLayer.SendTPKT(ultimatum);
}
/// <summary>
/// Sends <paramref name="data"/> on this channel, split into chunks of at most 1600 bytes.
/// Every chunk is prefixed with the total payload length and a CHANNEL_FLAG word:
/// FIRST on the first chunk, LAST on the final one, SHOW_PROTOCOL on all of them.
/// </summary>
/// <param name="data">Payload to send; its position is reset to 0 before reading.</param>
private void send(RdpPacket data)
{
    data.Position = 0L;

    int total = (int)data.Length;
    int chunkSize = Math.Min(total, 1600);
    int remaining = total - chunkSize;

    // First chunk. When everything fits, it is also the last chunk.
    RdpPacket head = new RdpPacket();
    head.WriteLittleEndian32(total);
    if (remaining != 0)
    {
        head.WriteLittleEndian32((int)(CHANNEL_FLAG.CHANNEL_FLAG_FIRST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL));

        byte[] headBytes = new byte[chunkSize];
        data.Read(headBytes, 0, chunkSize);
        head.Write(headBytes, 0, chunkSize);
    }
    else
    {
        head.WriteLittleEndian32((int)(CHANNEL_FLAG.CHANNEL_FLAG_FIRST | CHANNEL_FLAG.CHANNEL_FLAG_LAST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL));
        head.copyToByteArray(data);
    }

    IsoLayer.SendToCannel(head, Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0, this.ChannelID);

    // Follow-up chunks, if any.
    while (remaining > 0)
    {
        chunkSize = Math.Min(remaining, 1600);
        remaining -= chunkSize;

        CHANNEL_FLAG flags = CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL;
        if (remaining == 0)
        {
            flags = CHANNEL_FLAG.CHANNEL_FLAG_LAST | CHANNEL_FLAG.CHANNEL_FLAG_SHOW_PROTOCOL;
        }

        RdpPacket next = new RdpPacket();
        next.WriteLittleEndian32(total);
        next.WriteLittleEndian32((int)flags);

        byte[] chunk = new byte[chunkSize];
        data.Read(chunk, 0, chunkSize);
        next.Write(chunk, 0, chunkSize);

        IsoLayer.SendToCannel(next, Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0, this.ChannelID);
    }
}
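/// <summary>
/// Client X.224 Connection Request PDU.
/// Builds the TPKT header, the X.224 connection-request header, a routing token or
/// "mstshash" cookie, and the RDP Negotiation Request, then writes it to the ISO layer.
/// </summary>
/// <param name="NegotiationFlags">Requested security protocols, written as a little-endian 32-bit value.</param>
/// <param name="loadBalanceToken">
/// Optional routing token. When non-null it is sent instead of the cookie, followed by CR LF.
/// </param>
/// <exception cref="System.ArgumentException">
/// The assembled request is too long for the one-byte X.224 length indicator.
/// </exception>
/// <remarks>
/// This is the first packet of the connection and goes out before any TLS or CredSSP
/// exchange, so the cookie exposes up to nine characters of Options.DomainAndUsername
/// in clear text to anyone observing the connection.
/// </remarks>
private static void sendConnectNegotiation(NegotiationProtocol NegotiationFlags, byte[] loadBalanceToken)
{
    // The cookie identifier is capped at nine characters.
    string domainAndUsername = Options.DomainAndUsername;
    if (domainAndUsername.Length > 9)
    {
        domainAndUsername = domainAndUsername.Substring(0, 9);
    }

    RdpPacket packet = new RdpPacket();

    // TPKT header: version 3, reserved 0, then a 16-bit length patched in below.
    packet.WriteByte(3);
    packet.WriteByte(0);
    long lengthFieldPosition = packet.Position;
    packet.WriteBigEndian16((short)0);

    // X.224 header: length indicator (patched below), code 0xe0, two 16-bit zero fields, one zero byte.
    packet.WriteByte(0);
    packet.WriteByte(0xe0);
    packet.WriteBigEndian16((short)0);
    packet.WriteBigEndian16((short)0);
    packet.WriteByte(0);

    if (loadBalanceToken != null)
    {
        packet.Write(loadBalanceToken, 0, loadBalanceToken.Length);
        packet.WriteString("\r\n", false);
    }
    else
    {
        packet.WriteString("Cookie: mstshash=" + domainAndUsername + "\r\n", true);
    }

    // RDP Negotiation Request
    packet.WriteByte(0x01);
    packet.WriteByte(0);
    packet.WriteLittleEndian16((short)8);
    packet.WriteLittleEndian32((int)NegotiationFlags); // Standard RDP Security, TLS 1.0, CredSSP

    long totalLength = packet.Position;

    // The length indicator is one byte. A long routing token used to be truncated
    // silently by the cast below, producing a header that disagrees with the packet.
    if (totalLength - 5L > byte.MaxValue)
    {
        throw new System.ArgumentException(
            "Connection request is too long for the X.224 length indicator.",
            "loadBalanceToken");
    }

    // Patch the TPKT length and the X.224 length indicator now that the size is known.
    packet.Position = lengthFieldPosition;
    packet.WriteBigEndian16((short)totalLength);
    packet.WriteByte((byte)(totalLength - 5L));

    IsoLayer.Write(packet);
}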
/// <summary>
/// Handles the server Demand Active PDU: stores the share id, parses the server
/// capability sets, and then runs the client side of the activation sequence
/// (confirm active, synchronize, two control PDUs, optional persistent key list,
/// an input sync event, font list).
/// </summary>
/// <param name="data">Packet positioned at the start of the Demand Active body.</param>
internal static void processDemandActive(RdpPacket data)
{
    int discarded;

    rdp_shareid = data.ReadLittleEndian32();

    // NOTE(review): this length comes from the server and is added to the read position
    // with no bounds check visible in this method. Confirm that RdpPacket rejects a
    // position outside the received data.
    int sourceDescriptorLength = data.ReadLittleEndian16();
    data.ReadLittleEndian16();                 // 16-bit field read and ignored
    data.Position += sourceDescriptorLength;   // skip the source descriptor

    int numCaps = data.ReadLittleEndian16();
    data.ReadLittleEndian16();                 // 16-bit field read and ignored
    processServerCapabilities(data, numCaps);

    sendConfirmActive();
    sendSynchronize();
    sendControl(4);
    sendControl(1);

    // Three server packets are received here and neither the return value nor the
    // out parameter is inspected (presumably the synchronize/control replies - confirm).
    for (int reply = 0; reply < 3; reply++)
    {
        ISO.Secure_receive(out discarded);
    }

    // The persistent key list is sent only on the first activation.
    bool sendKeyList = Options.persistentBmpCache && !m_bInitialised;
    if (sendKeyList)
    {
        sendPersistKeyList();
    }

    List<Rdp.InputInfo> inputToSend = new List<Rdp.InputInfo>();
    inputToSend.Add(new Rdp.InputInfo(0, Rdp.InputType.INPUT_EVENT_SYNC, 0, 0, 0));

    //if (m_bInitialised)
    //{
    //    Options.OnInitialise();
    //}
    m_bInitialised = true;

    IsoLayer.FastSendInput(inputToSend);
    sendFontList();

    // One more server packet is received and discarded after the font list.
    ISO.Secure_receive(out discarded);

    resetOrderState();
}
/// <summary>
/// Sends the licensing authentication response on the global channel.
/// </summary>
/// <param name="token">Challenge token; exactly the first 10 bytes are written.</param>
/// <param name="crypt_hwid">Encrypted hardware id; exactly the first 20 bytes are written.</param>
/// <param name="signature">Signature; exactly the first 16 bytes are written.</param>
/// <remarks>
/// The byte counts are fixed and the array lengths are not checked here, so callers must
/// supply buffers of at least 10, 20 and 16 bytes.
/// </remarks>
internal static void send_authresp(byte[] token, byte[] crypt_hwid, byte[] signature)
{
    const int SecurityFlags = 0x80;   // presumably the licensing-packet security flag - confirm
    const int MessageLength = 0x3a;

    RdpPacket response = new RdpPacket();

    // Header: flags word, message type 0x15, the byte 2, 16-bit length.
    response.WriteLittleEndian32(SecurityFlags);
    response.WriteByte(0x15);
    response.WriteByte(2);
    response.WriteLittleEndian16((short)MessageLength);

    // Token blob: 16-bit value 1, length 10, data.
    response.WriteLittleEndian16((short)1);
    response.WriteLittleEndian16((short)10);
    response.Write(token, 0, 10);

    // Hardware-id blob: 16-bit value 1, length 20, data.
    response.WriteLittleEndian16((short)1);
    response.WriteLittleEndian16((short)20);
    response.Write(crypt_hwid, 0, 20);

    // Trailing 16-byte signature.
    response.Write(signature, 0, 0x10);

    IsoLayer.SendMCS(response, MCS.MSC_GLOBAL_CHANNEL);
}
/// <summary>
/// Sends a Suppress Output PDU (PDUTYPE2_SUPPRESS_OUTPUT).
/// Nothing is sent when Options.suppress_output_supported is false.
/// </summary>
/// <param name="bAllowDisplayUpdates">
/// True writes 1 followed by the rectangle (0, 0, Options.width, Options.height);
/// false writes 0 and no rectangle.
/// </param>
private static void sendSupressOutput(bool bAllowDisplayUpdates)
{
    if (!Options.suppress_output_supported)
    {
        return;
    }

    RdpPacket pdu = new RdpPacket();

    byte allowFlag;
    if (bAllowDisplayUpdates)
    {
        allowFlag = (byte)1;
    }
    else
    {
        allowFlag = (byte)0;
    }

    pdu.WriteByte(allowFlag);

    // Three zero bytes follow the flag.
    for (int pad = 0; pad < 3; pad++)
    {
        pdu.WriteByte(0);
    }

    if (bAllowDisplayUpdates)
    {
        pdu.WriteLittleEndian16((short)0);
        pdu.WriteLittleEndian16((short)0);
        pdu.WriteLittleEndian16((ushort)Options.width);
        pdu.WriteLittleEndian16((ushort)Options.height);
    }

    int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;
    IsoLayer.SendPDU(pdu, IsoLayer.PDUType2.PDUTYPE2_SUPPRESS_OUTPUT, securityFlags);
}
/// <summary>
/// Sends the licensing request on the global channel.
/// </summary>
/// <param name="client_random">Client random; exactly the first 32 bytes are written.</param>
/// <param name="rsa_data">RSA-encrypted data; the first Secure.modulus_size bytes are written.</param>
/// <param name="username">User name bytes; written with a trailing zero byte unless empty.</param>
/// <param name="host">Host name bytes; written with a trailing zero byte unless empty.</param>
/// <remarks>
/// Array lengths are not checked against the fixed byte counts used below.
/// </remarks>
internal static void send_request(byte[] client_random, byte[] rsa_data, byte[] username, byte[] host)
{
    const int SecurityFlags = 0x80;   // presumably the licensing-packet security flag - confirm

    // Field lengths include the terminating zero byte; an empty value is sent with length 0.
    int userFieldLength = 0;
    if (username.Length != 0)
    {
        userFieldLength = username.Length + 1;
    }

    int hostFieldLength = 0;
    if (host.Length != 0)
    {
        hostFieldLength = host.Length + 1;
    }

    int messageLength = (0x80 + userFieldLength) + hostFieldLength;

    RdpPacket request = new RdpPacket();

    // Header: flags word, message type 0x13, the byte 2, 16-bit length.
    request.WriteLittleEndian32(SecurityFlags);
    request.WriteByte(0x13);
    request.WriteByte(2);
    request.WriteLittleEndian16((short)messageLength);

    request.WriteLittleEndian32(1);
    request.WriteLittleEndianU32(0xff010000);
    request.Write(client_random, 0, 0x20);

    // Encrypted blob: declared length is modulus_size + 8; the final 8 bytes are
    // skipped rather than written (their content depends on RdpPacket - confirm).
    request.WriteLittleEndian16((short)0);
    request.WriteLittleEndian16((short)(Secure.modulus_size + 8));
    request.Write(rsa_data, 0, Secure.modulus_size);
    request.Position += 8L;

    // User name field, tag 15.
    request.WriteLittleEndian16((short)15);
    request.WriteLittleEndian16((short)userFieldLength);
    if (userFieldLength != 0)
    {
        request.Write(username, 0, username.Length);
        request.WriteByte(0);
    }

    // Host name field, tag 0x10.
    request.WriteLittleEndian16((short)0x10);
    request.WriteLittleEndian16((short)hostFieldLength);
    if (hostFieldLength != 0)
    {
        request.Write(host, 0, host.Length);
        request.WriteByte(0);
    }

    IsoLayer.SendMCS(request, MCS.MSC_GLOBAL_CHANNEL);
}
/// <summary>
/// Builds and sends the client Confirm Active PDU on the global channel: a share
/// control header, the share id, RDP_SOURCE, and thirteen capability sets.
/// </summary>
private static void sendConfirmActive()
{
    // Declared combined size of the capability sets written below.
    // NOTE(review): hard-coded; it has to match what the thirteen helpers actually write - confirm.
    const int CapabilitiesLength = 390;
    const short CapabilitySetCount = 13;

    int securityFlags = Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0;

    RdpPacket pdu = new RdpPacket();

    // Header: total length, the value 0x13, source id (user id + 0x3e9).
    pdu.WriteLittleEndian16((short)((0x10 + CapabilitiesLength) + RDP_SOURCE.Length));
    pdu.WriteLittleEndian16((short)0x13);
    pdu.WriteLittleEndian16((short)(MCS.McsUserID + 0x3e9));

    // Echo the share id stored when the Demand Active PDU was processed.
    pdu.WriteLittleEndian32(rdp_shareid);
    pdu.WriteLittleEndian16((short)0x3ea);
    pdu.WriteLittleEndian16((short)RDP_SOURCE.Length);
    pdu.WriteLittleEndian16((short)CapabilitiesLength);
    pdu.Write(RDP_SOURCE, 0, RDP_SOURCE.Length);

    pdu.WriteLittleEndian16(CapabilitySetCount);
    pdu.Position += 2L;   // two bytes skipped after the count

    // Capability sets, in the order they go on the wire.
    sendGeneralCaps(pdu);
    sendBitmapCaps(pdu);
    sendOrderCaps(pdu);
    sendBitmapcacheCaps(pdu);
    sendColorcacheCaps(pdu);
    sendActivateCaps(pdu);
    sendControlCaps(pdu);
    sendPointerCaps(pdu);
    sendShareCaps(pdu);
    sendInputCaps(pdu);
    sendSoundCaps(pdu);
    sendFontCaps(pdu);
    sendGlyphCacheCaps(pdu);

    IsoLayer.SendToGlobalChannel(pdu, securityFlags);
}
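/// <summary>
/// Sends the persistent bitmap cache key list as one or more
/// PDUTYPE2_BITMAPCACHE_PERSISTENT_LIST PDUs, requesting up to 0xff keys per PDU.
/// </summary>
/// <remarks>
/// Each PDU carries the per-cache entry counts for this PDU, the per-cache totals,
/// a flags byte (bit 0 on the first PDU, bit 1 when no more keys follow) and the 64-bit keys.
/// The loop stops once the running per-cache counts reach the totals, or as soon as a
/// batch makes no progress.
/// </remarks>
private static void sendPersistKeyList()
{
    int total0 = 0;
    int total1 = 0;
    int total2 = 0;
    int total3 = 0;
    int total4 = 0;
    int sent0 = 0;
    int sent1 = 0;
    int sent2 = 0;
    int sent3 = 0;
    int sent4 = 0;

    Cache.TotalBitmapCache(out total0, out total1, out total2, out total3, out total4);

    int offset = 0;
    while ((((sent0 < total0) || (sent1 < total1)) || ((sent2 < total2) || (sent3 < total3))) || (sent4 < total4))
    {
        int batch0 = 0;
        int batch1 = 0;
        int batch2 = 0;
        int batch3 = 0;
        int batch4 = 0;
        bool bMoreKeys = false;

        List<ulong> keys = Cache.GetBitmapCache(offset, 0xff, out batch0, out batch1, out batch2, out batch3, out batch4, out bMoreKeys);

        RdpPacket packet = new RdpPacket();

        // Entry counts carried by this PDU, one per cache.
        packet.WriteLittleEndian16((ushort)batch0);
        packet.WriteLittleEndian16((ushort)batch1);
        packet.WriteLittleEndian16((ushort)batch2);
        packet.WriteLittleEndian16((ushort)batch3);
        packet.WriteLittleEndian16((ushort)batch4);

        // Total entry counts, one per cache.
        packet.WriteLittleEndian16((ushort)total0);
        packet.WriteLittleEndian16((ushort)total1);
        packet.WriteLittleEndian16((ushort)total2);
        packet.WriteLittleEndian16((ushort)total3);
        packet.WriteLittleEndian16((ushort)total4);

        byte flags = 0;
        if (offset == 0)
        {
            flags = (byte)(flags | 1);   // first PDU of the list
        }
        if (!bMoreKeys)
        {
            flags = (byte)(flags | 2);   // last PDU of the list
        }

        packet.WriteByte(flags);
        packet.WriteByte(0);
        packet.WriteLittleEndian16((short)0);

        foreach (ulong key in keys)
        {
            packet.Write(BitConverter.GetBytes(key), 0, 8);
        }

        IsoLayer.SendPDU(packet, IsoLayer.PDUType2.PDUTYPE2_BITMAPCACHE_PERSISTENT_LIST, Secure.RDPEncrypted() ? (int)(MCS.TS_SECURITY_HEADER.SEC_ENCRYPT) : 0);

        offset += keys.Count;
        sent0 += batch0;
        sent1 += batch1;
        sent2 += batch2;
        sent3 += batch3;
        sent4 += batch4;

        // A batch with no keys and no counts leaves every loop variable unchanged, so the
        // next iteration would repeat the same request. If the cache hands out fewer
        // entries than the totals it reported, the client would otherwise keep sending
        // this PDU forever while the connection is being activated.
        bool noProgress = keys.Count == 0
            && batch0 == 0 && batch1 == 0 && batch2 == 0 && batch3 == 0 && batch4 == 0;
        if (noProgress)
        {
            break;
        }
    }
}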
// Input
/// <summary>
/// Input pump. Until m_bHalt is set, every 60 ms it collects the queued input events
/// older than 80 ms, removes them from m_InputCache and sends them in one batch.
/// It also requests a 32x32 screen refresh whenever more than 30 seconds have passed
/// since m_KeepAliveTimer.
/// </summary>
/// <remarks>
/// End of transmission is reported through Options.OnClosed. Socket and thread aborts
/// end the loop silently. Any other exception is reported once through Options.OnError.
/// </remarks>
internal static void inputloop()
{
    m_bHalt = false;
    m_bExceptionReported = false;
    m_InputCache.Clear();
    m_KeepAliveTimer = DateTime.Now;

    try
    {
        List<InputInfo> dueEvents = new List<InputInfo>();
        List<InputInfo> toRemove = new List<InputInfo>();

        while (!m_bHalt)
        {
            lock (m_InputCache)
            {
                dueEvents.Clear();

                // An event becomes due once it has waited in the cache for more than 80 ms.
                DateTime now = DateTime.Now;
                foreach (InputInfo queued in m_InputCache)
                {
                    double ageMs = (now - queued.TimeStamp).TotalMilliseconds;
                    if (ageMs > 80)
                    {
                        dueEvents.Add(queued);
                        toRemove.Add(queued);
                    }
                }

                // Keep-alive. m_KeepAliveTimer is not updated in this method (presumably
                // reset elsewhere - confirm). This call runs while the cache lock is held.
                double idleSeconds = (DateTime.Now - m_KeepAliveTimer).TotalSeconds;
                if (idleSeconds > 30)
                {
                    IsoLayer.RefreshRect(new Rectangle[] { new Rectangle(0, 0, 0x20, 0x20) });
                }

                // Removal is deferred so the cache is not modified while it is enumerated.
                foreach (InputInfo sent in toRemove)
                {
                    m_InputCache.Remove(sent);
                }
                toRemove.Clear();
            }

            // The batch is sent after the lock has been released.
            if (dueEvents.Count > 0)
            {
                IsoLayer.FastSendInput(dueEvents);
            }

            Thread.Sleep(60);
        }
    }
    catch (EndOfTransmissionException)
    {
        Options.OnClosed();
    }
    catch (SocketAbortException)
    {
        // Deliberately ignored: the loop just ends.
    }
    catch (ThreadAbortException)
    {
        // Deliberately ignored: the loop just ends.
    }
    catch (Exception exception)
    {
        // Report only the first failure.
        if (!m_bExceptionReported)
        {
            m_bExceptionReported = true;
            Options.OnError(exception);
        }
    }
}
/// <summary>
/// Negotiation start. Runs the connection sequence: X.224 security negotiation, the
/// optional TLS / CredSSP steps, the MCS connect and channel joins, the optional
/// standard RDP key exchange, and finally the Client Info PDU with the logon data.
/// </summary>
/// <param name="loadBalanceToken">Routing token passed to the X.224 Connection Request; may be null.</param>
/// <param name="bAutoReconnect">Passed through to getLoginInfo when the Client Info PDU is built.</param>
/// <remarks>
/// NOTE(review): the protocol selected by the server is accepted as received. With
/// Options.enableNLA set, the session still continues over standard RDP security in two
/// cases: when the reply equals Main.SecureValue3 (reconnect asking for PROTOCOL_RDP only),
/// and when the reply has neither bit 1 nor bit 2 set. The reply is read before any TLS
/// or CredSSP step, so nothing in this method authenticates it. Deployments that require
/// NLA should treat both cases as a failure - confirm the intended policy.
/// </remarks>
internal static void sendСonnectionRequest(byte[] loadBalanceToken, bool bAutoReconnect)
{
    int selectedProtocol;

    Secure.dec_count = 0;
    Secure.enc_count = 0;
    Network.ConnectionStage = Network.eConnectionStage.Negotiating;

    if (!Options.enableNLA)
    {
        // Client X.224 Connection Request PDU
        sendConnectNegotiation(NegotiationProtocol.PROTOCOL_RDP, loadBalanceToken);

        // Server X.224 Connection Confirm PDU
        selectedProtocol = receiveConnectNegotiation();
        if (selectedProtocol != 0)
        {
            throw new RDFatalException("Security negotiation failed!");
        }
    }
    else
    {
        // Client X.224 Connection Request PDU
        sendConnectNegotiation(
            NegotiationProtocol.PROTOCOL_RDP | NegotiationProtocol.PROTOCOL_SSL | NegotiationProtocol.PROTOCOL_HYBRID,
            loadBalanceToken);

        // Server X.224 Connection Confirm PDU
        selectedProtocol = receiveConnectNegotiation();

        if (selectedProtocol == Main.SecureValue3)
        {
            // SSL connection is prohibited by the server settings.
            // The client reconnects and asks for standard RDP security only.
            Network.Close();
            Network.Connect(Options.Host, Options.Port);

            // Client X.224 Connection Request PDU
            sendConnectNegotiation(NegotiationProtocol.PROTOCOL_RDP, loadBalanceToken);

            // Server X.224 Connection Confirm PDU
            selectedProtocol = receiveConnectNegotiation();
            if (selectedProtocol != 0)
            {
                throw new RDFatalException("Security negotiation failed!");
            }
        }
        else
        {
            // SSL connection is allowed.
            bool wantsTls = (selectedProtocol & 3) != 0;       // bit 1 or bit 2 selected
            bool wantsCredSsp = (selectedProtocol & 2) != 0;   // bit 2 selected

            if (wantsTls)
            {
                Network.ConnectionStage = Network.eConnectionStage.Securing;
                Network.ConnectSSL();
            }

            if (wantsCredSsp)
            {
                Network.ConnectionStage = Network.eConnectionStage.Authenticating;
                CredSSP.Negotiate(Network.GetSSLPublicKey());
            }
        }
    }

    Network.ConnectionStage = Network.eConnectionStage.Establishing;

    // Client MCS Connect Initial PDU
    IsoLayer.SendTPKT(sendConnectInitial(sendMcsData(true, Channels.RegisteredChannels.Count, selectedProtocol)));

    // Server MCS Connect Response PDU with GCC Conference Create Response
    receiveConnectResponse();

    // Client MCS Erect Domain Request PDU
    send_ErectDomainRequest();

    // Client MCS Attach User Request PDU
    send_AttachUserRequest();

    // Server MCS Attach User Confirm PDU
    McsUserID = receive_AttachUserConfirm();

    // Open User channel
    send_ChannelJoinRequest(McsUserID + MCS_USERCHANNEL_BASE); // Client MCS Channel Join Request PDU
    receive_ChannelJoinConfirm();                              // Server MCS Channel Join Confirm PDU

    // Open Global channel
    send_ChannelJoinRequest(MSC_GLOBAL_CHANNEL);
    receive_ChannelJoinConfirm();

    // Open the other registered channels, limited to those the server listed as supported.
    foreach (var channel in Channels.RegisteredChannels)
    {
        if (!serverSupportedChannels.Contains(channel.ChannelID))
        {
            continue;
        }

        send_ChannelJoinRequest(channel.ChannelID);
        receive_ChannelJoinConfirm();
        Debug.WriteLine("Client open over channel: " + channel.ChannelID.ToString());
    }

    // Security flags for the Client Info PDU: 0x40 always, plus 8 under standard RDP encryption.
    int infoFlags = 0x40;
    if (Secure.RDPEncrypted())
    {
        Network.ConnectionStage = Network.eConnectionStage.SecureAndLogin;

        RdpPacket keyExchange = Secure.establishKey();
        keyExchange.Position = 0L;
        IsoLayer.SendMCS(keyExchange, MSC_GLOBAL_CHANNEL);

        infoFlags |= 8;
    }
    else
    {
        Network.ConnectionStage = Network.eConnectionStage.Login;
    }

    // Client Info PDU. It carries Options.Password, so its confidentiality depends on
    // the security layer that was negotiated above.
    IsoLayer.SendToGlobalChannel(getLoginInfo(Options.Domain, Options.Username, Options.Password, "", "", bAutoReconnect), infoFlags);
}