protected static int ReadInteger(RdpPacket packet) { if (packet.ReadByte() != 2) { throw new Exception("Data Error!"); } int num2 = packet.ReadByte(); byte[] buffer = new byte[4]; switch (num2) { case 4: packet.Read(buffer, 0, 4); return(BitConverter.ToInt32(buffer, 0)); case 3: packet.Read(buffer, 0, 3); return(BitConverter.ToInt32(buffer, 0)); case 2: packet.Read(buffer, 0, 2); return(BitConverter.ToInt32(buffer, 0)); } packet.Read(buffer, 0, 1); return(BitConverter.ToInt32(buffer, 0)); }
private static void ProcesssResponse(RdpPacket packet, byte[] ServerPublicKey) { ASN1.ReadTag(packet, ASN1.SequenceTag(0), "TSRequest"); ASN1.ReadTag(packet, ASN1.ContextTag(0), "CTX_Version"); if (ASN1.ReadInteger(packet) < 2) { throw new Exception("TSRequest version not supported!"); } ASN1.CloseTag(packet, "CTX_Version"); byte[] buffer = null; int num2 = ASN1.ReadTag(packet, "Tag"); if (num2 == ASN1.ContextTag(1)) { ASN1.ReadTag(packet, ASN1.SequenceTag(0), "NegTokens"); ASN1.ReadTag(packet, ASN1.SequenceTag(0), "NegTokens2"); ASN1.ReadTag(packet, ASN1.ContextTag(0), "CTX_OctetString"); RDPClient.m_ChallengeMsg = new byte[ASN1.ReadTag(packet, ASN1.OctetStringTag(), "OctetString")]; packet.Read(RDPClient.m_ChallengeMsg, 0, RDPClient.m_ChallengeMsg.Length); ASN1.CloseTag(packet, "OctetString"); ASN1.CloseTag(packet, "CTX_OctetString"); ASN1.CloseTag(packet, "NegTokens2"); ASN1.CloseTag(packet, "NegTokens"); } else if (num2 == ASN1.ContextTag(3)) { buffer = new byte[ASN1.ReadTag(packet, ASN1.OctetStringTag(), "OctetString")]; packet.Read(buffer, 0, buffer.Length); ASN1.CloseTag(packet, "OctetString"); } ASN1.CloseTag(packet, "Tag"); ASN1.CloseTag(packet, "TSRequest"); if (buffer != null) { byte[] buffer2 = RDPClient.m_NTLMAuthenticate.DecryptMessage(buffer); buffer2[0] = (byte)(buffer2[0] - 1); if (!NTLM.CompareArray(buffer2, ServerPublicKey)) { throw new Exception("Unable to verify the server's public key!"); } buffer2[0] = (byte)(buffer2[0] + 1); SendTSRequest(null, WriteTSCredentials(), null); RDPClient.m_bAuthenticated = true; } else { ReadNegoToken(RDPClient.m_ChallengeMsg, ServerPublicKey); } }
private static void Send(RdpPacket packet) { packet.Position = 0L; byte[] buffer = new byte[packet.Length]; packet.Read(buffer, 0, (int)packet.Length); Network.Send(buffer); }
public void copyToByteArray(RdpPacket packet) { byte[] buffer = new byte[packet.Length]; packet.Position = 0L; packet.Read(buffer, 0, (int)packet.Length); Write(buffer, 0, buffer.Length); }
public byte[] Negotiate() { RdpPacket packet = new RdpPacket(); uint num = (((((((0xe2000000 | RDPClient.NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY) | RDPClient.NTLMSSP_NEGOTIATE_ALWAYS_SIGN) | RDPClient.NTLMSSP_NEGOTIATE_NTLM) | RDPClient.NTLMSSP_NEGOTIATE_SEAL) | RDPClient.NTLMSSP_NEGOTIATE_SIGN) | RDPClient.NTLMSSP_REQUEST_TARGET) | RDPClient.NTLMSSP_NEGOTIATE_OEM) | RDPClient.NTLMSSP_NEGOTIATE_UNICODE; int position = (int)packet.Position; packet.WriteString("NTLMSSP", false); packet.WriteByte(0); packet.WriteLittleEndian32(1); packet.WriteLittleEndian32(num); int num3 = ((int)packet.Position) - position; num3 += 8; num3 += 8; if ((num & 0x2000000) != 0) { num3 += 8; } packet.WriteLittleEndian16((short)0); packet.WriteLittleEndian16((short)0); packet.WriteLittleEndian32(0); packet.WriteLittleEndian16((short)0); packet.WriteLittleEndian16((short)0); packet.WriteLittleEndian32(0); if ((num & 0x2000000) != 0) { this.WriteVersion(packet); } packet.Position = 0L; this.m_NegotiateMsg = new byte[packet.Length]; packet.Read(this.m_NegotiateMsg, 0, this.m_NegotiateMsg.Length); return(this.m_NegotiateMsg); }
internal static void send_to_channel(RdpPacket sec_data, int flags, int channel) { sec_data.Position = 0L; byte[] buffer = new byte[sec_data.Length]; sec_data.Read(buffer, 0, buffer.Length); if ((RDPClient.enc_count == 0x1000) && Secure.RDPEncrypted()) { Secure.m_Encrypt_Key = Secure.update(Secure.m_Encrypt_Key, RDPClient._r); byte[] destinationArray = new byte[Secure.m_KeyLength]; Array.Copy(Secure.m_Encrypt_Key, 0, destinationArray, 0, Secure.m_KeyLength); RDPClient.m_RC4_Enc.engineInitEncrypt(destinationArray); RDPClient.enc_count = 0; } if (Secure.RDPEncrypted()) { byte[] buffer3 = Secure.sign(RDPClient.m_Sec_Sign_Key, 8, Secure.m_KeyLength, buffer, buffer.Length); byte[] buffer4 = RDPClient.m_RC4_Enc.crypt(buffer); sec_data = new RdpPacket(); sec_data.WriteLittleEndian32(flags); sec_data.Write(buffer3, 0, buffer3.Length); sec_data.Write(buffer4, 0, buffer4.Length); } else { flags &= -9; sec_data = new RdpPacket(); if (flags != 0) { sec_data.WriteLittleEndian32(flags); } sec_data.Write(buffer, 0, buffer.Length); } SendMCS(sec_data, channel); RDPClient.enc_count++; }
internal static bool parse_authreq(RdpPacket data) { int count = 0; data.Position += 6L; count = data.getLittleEndian16(); if (count != 10) { throw new RDFatalException("Illegal length of license token!"); } RDPClient.m_In_Token = new byte[count]; data.Read(RDPClient.m_In_Token, 0, count); RDPClient.m_In_Sig = new byte[0x10]; data.Read(RDPClient.m_In_Sig, 0, 0x10); return(data.Position == data.Length); }
internal static void Write(RdpPacket data) { data.Position = 0L; byte[] buffer = new byte[data.Length]; data.Read(buffer, 0, (int)data.Length); Network.Send(buffer); }
internal static void processRedirection(RdpPacket data, bool bStdRedirect) { if (!bStdRedirect) { data.getLittleEndian16(); } data.getLittleEndian16(); data.getLittleEndian16(); RDPClient.sessionID = data.getLittleEndian32(); int num = data.getLittleEndian32(); if ((num & 1) != 0) { RDPClient.Host = data.ReadUnicodeString(); } byte[] buffer = null; if ((num & 2) != 0) { int count = data.getLittleEndian32(); buffer = new byte[count]; data.Read(buffer, 0, count); } if ((num & 4) != 0) { RDPClient.Username = data.ReadUnicodeString(); } if ((num & 8) != 0) { RDPClient.Domain = data.ReadUnicodeString(); } if ((num & 0x10) != 0) { RDPClient.Password = data.ReadUnicodeString(); } if ((num & 0x200) != 0) { RDPClient.Host = data.ReadUnicodeString(); } if ((num & 0x100) != 0) { RDPClient.Host = data.ReadUnicodeString(); } if (!string.IsNullOrEmpty(RDPClient.Domain)) { RDPClient.DomainAndUsername = RDPClient.Domain + @"\" + RDPClient.Username; } else { RDPClient.DomainAndUsername = RDPClient.Username; } if ((num & 0x80) == 0) { Network.Close(); Licence.Reset(); Network.Connect(RDPClient.Host, RDPClient.Port); MCS.send_connection_request(buffer, false); } }
internal static void process_demand(RdpPacket data) { byte[] buffer = new byte[RDPClient.modulus_size]; byte[] bytes = ASCIIEncoding.GetBytes(RDPClient.hostname, true); byte[] username = ASCIIEncoding.GetBytes(RDPClient.Username, true); data.Read(RDPClient.m_Server_Random, 0, RDPClient.m_Server_Random.Length); generate_keys(buffer, RDPClient.m_Server_Random, buffer); send_request(buffer, buffer, username, bytes); }
private static void logonInfoVersion2(RdpPacket data) { data.getLittleEndian16(); data.getLittleEndian32(); data.getLittleEndian32(); var cbDomain = data.getLittleEndian32(); data.Read(new byte[562], 0, 562); // Username + Padding var Domain = new byte[52]; data.Read(Domain, 0, cbDomain); RDPClient.Domain = System.Text.Encoding.Unicode.GetString(Domain).Replace("\0", ""); // Флаг авторизации if (RDPClient.FullXP) { RDPClient.GoodAuth = true; } }
private static bool parsePublicKey(RdpPacket data) { int num = 0; int num2 = 0; num = data.getLittleEndian32(); if (num != 0x31415352) { int num3 = 0x31415352; throw new RDFatalException("Bad magic header ! Need " + num3.ToString() + " but got " + num.ToString()); } num2 = data.getLittleEndian32(); if (num2 != (RDPClient.modulus_size + 8)) { RDPClient.modulus_size = num2 - 8; } data.Position += 8L; m_Exponent = new byte[4]; data.Read(m_Exponent, 0, 4); m_Modulus = new byte[RDPClient.modulus_size]; data.Read(m_Modulus, 0, RDPClient.modulus_size); return(data.Position <= data.Length); }
internal static void process_issue(RdpPacket data) { int count = 0; RC4 rc = new RC4(); byte[] destinationArray = new byte[RDPClient.m_LicenceKey.Length]; Array.Copy(RDPClient.m_LicenceKey, 0, destinationArray, 0, RDPClient.m_LicenceKey.Length); data.getLittleEndian16(); count = data.getLittleEndian16(); if ((data.Position + count) <= data.Length) { rc.engineInitDecrypt(destinationArray); byte[] buffer = new byte[count]; data.Read(buffer, 0, count); rc.crypt(buffer, 0, count, buffer, 0); } }
public static RdpPacket DecryptPacket(RdpPacket packet) { packet.Position += 8L; byte[] buffer = new byte[packet.Length - packet.Position]; packet.Read(buffer, 0, buffer.Length); if (RDPClient.dec_count == 0x1000) { m_Decrypt_Key = update(m_Decrypt_Key, RDPClient.m_Sec_Decrypt_Update_Key); byte[] destinationArray = new byte[m_KeyLength]; Array.Copy(m_Decrypt_Key, 0, destinationArray, 0, m_KeyLength); RDPClient.m_RC4_Dec.engineInitDecrypt(destinationArray); RDPClient.dec_count = 0; } RDPClient.dec_count++; byte[] buffer3 = RDPClient.m_RC4_Dec.crypt(buffer); packet = new RdpPacket(); packet.Write(buffer3, 0, buffer3.Length); packet.Position = 0L; return(packet); }
private static byte[] WriteTSCredentials() { RdpPacket packet = new RdpPacket(); ASN1.WriteTag(packet, ASN1.SequenceTag(0), "SEQ_TSCRED"); ASN1.WriteTag(packet, ASN1.ContextTag(0), "CTX_credType"); ASN1.WriteInteger(packet, 1); ASN1.CloseTag(packet, "CTX_credType"); ASN1.WriteTag(packet, ASN1.ContextTag(1), "CTX_credentials"); ASN1.WriteTag(packet, ASN1.OctetStringTag(), "CTX_OctetString"); ASN1.WriteTag(packet, ASN1.SequenceTag(0), "SEQ_Credentials"); ASN1.WriteTag(packet, ASN1.ContextTag(0), "CTX_domain"); ASN1.WriteTag(packet, ASN1.OctetStringTag(), "OctectString"); byte[] bytes = Encoding.Unicode.GetBytes(RDPClient.Domain); packet.Write(bytes, 0, bytes.Length); ASN1.CloseTag(packet, "OctectString"); ASN1.CloseTag(packet, "CTX_domain"); ASN1.WriteTag(packet, ASN1.ContextTag(1), "CTX_user"); ASN1.WriteTag(packet, ASN1.OctetStringTag(), "OctectString"); byte[] buffer = Encoding.Unicode.GetBytes(RDPClient.Username); packet.Write(buffer, 0, buffer.Length); ASN1.CloseTag(packet, "OctectString"); ASN1.CloseTag(packet, "CTX_user"); ASN1.WriteTag(packet, ASN1.ContextTag(2), "CTX_password"); ASN1.WriteTag(packet, ASN1.OctetStringTag(), "OctectString"); byte[] buffer3 = Encoding.Unicode.GetBytes(RDPClient.Password); packet.Write(buffer3, 0, buffer3.Length); ASN1.CloseTag(packet, "OctectString"); ASN1.CloseTag(packet, "CTX_password"); ASN1.CloseTag(packet, "SEQ_Credentials"); ASN1.CloseTag(packet, "CTX_OctetString"); ASN1.CloseTag(packet, "CTX_credentials"); ASN1.CloseTag(packet, "SEQ_TSCRED"); byte[] buffer4 = new byte[packet.Length]; packet.Position = 0L; packet.Read(buffer4, 0, buffer4.Length); return(RDPClient.m_NTLMAuthenticate.EncryptMessage(buffer4)); }
public byte[] ProcessChallenge(byte[] Challenge) { byte[] bytes; RdpPacket packet = new RdpPacket(); this.m_ChallengeMsg = Challenge; packet.Write(Challenge, 0, Challenge.Length); packet.Position = 0L; long position = packet.Position; if (packet.ReadString(8) != "NTLMSSP\0") { throw new Exception("Invalid negotiation token!"); } if (packet.getLittleEndian32() != 2) { throw new Exception("Expected challenge!"); } int count = packet.getLittleEndian16(); packet.getLittleEndian16(); int num4 = packet.getLittleEndian32(); uint flags = (uint)packet.getLittleEndian32(); DumpFlags(flags); byte[] buffer = new byte[8]; packet.Read(buffer, 0, 8); byte[] buffer2 = new byte[8]; packet.Read(buffer2, 0, 8); int num5 = packet.getLittleEndian16(); packet.getLittleEndian16(); int num6 = packet.getLittleEndian32(); if ((flags & 0x2000000) != 0) { byte[] buffer3 = new byte[8]; packet.Read(buffer3, 0, 8); } if ((flags & 0x20000000) == 0) { throw new Exception("Strong Encryption not supported by server"); } byte[] buffer4 = null; if (count > 0) { buffer4 = new byte[count]; packet.Position = position + num4; packet.Read(buffer4, 0, count); Encoding.Unicode.GetString(buffer4, 0, buffer4.Length); } AV_PAIRS av_pairs = new AV_PAIRS(); byte[] buffer5 = null; if (num5 <= 0) { throw new Exception("No TargetInfo!"); } packet.Position = position + num6; buffer5 = new byte[num5]; packet.Read(buffer5, 0, num5); packet = new RdpPacket(); packet.Write(buffer5, 0, buffer5.Length); packet.Position = 0L; av_pairs.Parse(packet); byte[] data = nTOWFv2(this.m_sDomain, this.m_sUsername, this.m_sPassword); m_Socket.AddBlob(PacketLogger.PacketType.NTLM_ResponseKeyNT, data); byte[] blob = new byte[8]; RNGCryptoServiceProvider provider = new RNGCryptoServiceProvider(); provider.GetBytes(blob); m_Socket.AddBlob(PacketLogger.PacketType.NTLM_ClientChallenge, blob); byte[] buffer8 = getLMv2Response(data, buffer, blob); if (this.m_bNTLMv2) { Array.Clear(buffer8, 0, buffer8.Length); } bool bGenerateMIC = false; if ((av_pairs.Timestamp.length <= 0) || !this.m_bNTLMv2) { bytes = BitConverter.GetBytes(DateTime.UtcNow.ToFileTimeUtc()); } else { bytes = av_pairs.Timestamp.value; bGenerateMIC = true; av_pairs.ProcessForNTLMv2(); buffer5 = av_pairs.Serialise(); } byte[] keyExchangeKey = null; byte[] buffer11 = getNTLMv2Response(data, buffer, blob, bytes, buffer5, out keyExchangeKey); m_Socket.AddBlob(PacketLogger.PacketType.NTLM_KeyExchangeKey, keyExchangeKey); byte[] encryptedRandomSessionKey = null; byte[] buffer13 = null; buffer13 = new byte[0x10]; provider.GetBytes(buffer13); m_Socket.AddBlob(PacketLogger.PacketType.NTLM_ExportedSessionKey, buffer13); encryptedRandomSessionKey = new byte[0x10]; RC4 rc = new RC4(); rc.engineInitEncrypt(keyExchangeKey); encryptedRandomSessionKey = rc.crypt(buffer13); if ((flags & 0x40000000) == 0) { encryptedRandomSessionKey = new byte[0]; buffer13 = keyExchangeKey; } this.InitSignKeys(buffer13); return(this.Authenticate(buffer8, buffer11, this.m_sDomain, this.m_sUsername, this.m_sWorkstation, encryptedRandomSessionKey, buffer13, bGenerateMIC)); }
private static void logonInfoExtended(RdpPacket data) { // Флаг авторизации if (RDPClient.FullXP) { RDPClient.GoodAuth = true; } data.getLittleEndian16(); var num2 = (FieldsPresent)data.getLittleEndian32(); // Reconnect Cookie if (num2.HasFlag(FieldsPresent.LOGON_EX_AUTORECONNECTCOOKIE)) { if (data.getLittleEndian32() != 0x1c) { throw new Exception("Invalid length for AutoReconnectCookie!"); } data.getLittleEndian32(); RDPClient.LogonID = data.getLittleEndian32(); if (RDPClient.ReconnectCookie == null) { RDPClient.ReconnectCookie = new byte[0x10]; } data.Read(RDPClient.ReconnectCookie, 0, RDPClient.ReconnectCookie.Length); } // Error if (num2.HasFlag(FieldsPresent.LOGON_EX_LOGONERRORS)) { var ErrorType = (ErrorNotificationType)data.getLittleEndian32(); var ErrorData = (ErrorNotificationData)data.getLittleEndian32(); // Проверка ошибок if (ErrorType.HasFlag(ErrorNotificationType.LOGON_MSG_NO_PERMISSION) || ErrorType.HasFlag(ErrorNotificationType.LOGON_MSG_DISCONNECT_REFUSED) || ErrorType.HasFlag(ErrorNotificationType.LOGON_MSG_SESSION_TERMINATE) || ErrorData.HasFlag(ErrorNotificationData.LOGON_FAILED_BAD_PASSWORD) || ErrorData.HasFlag(ErrorNotificationData.LOGON_WARNING) || ErrorData.HasFlag(ErrorNotificationData.LOGON_FAILED_OTHER)) { // Флаг авторизации if (RDPClient.FullXP) { RDPClient.GoodAuth = false; } } // Проверка на смену пароля if (ErrorData.HasFlag(ErrorNotificationData.LOGON_FAILED_UPDATE_PASSWORD)) { // Флаг смены пароля RDPClient.NeedChangePassword = true; // Флаг авторизации if (RDPClient.FullXP) { RDPClient.GoodAuth = true; } } } }
private byte[] Authenticate(byte[] lmChallengeResponse, byte[] ntChallengeResponse, string sDomainName, string sUser, string sWorkstation, byte[] EncryptedRandomSessionKey, byte[] ExportedSessionKey, bool bGenerateMIC) { RdpPacket packet = new RdpPacket(); uint flags = ((((((0xe2800000 | RDPClient.NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY) | RDPClient.NTLMSSP_NEGOTIATE_ALWAYS_SIGN) | RDPClient.NTLMSSP_NEGOTIATE_NTLM) | RDPClient.NTLMSSP_NEGOTIATE_SEAL) | RDPClient.NTLMSSP_NEGOTIATE_SIGN) | RDPClient.NTLMSSP_REQUEST_TARGET) | RDPClient.NTLMSSP_NEGOTIATE_UNICODE; DumpFlags(flags); int position = (int)packet.Position; packet.WriteString("NTLMSSP", false); packet.WriteByte(0); packet.WriteLittleEndian32(3); int num3 = ((int)packet.Position) - position; num3 += 8; num3 += 8; num3 += 8; num3 += 8; num3 += 8; num3 += 8; num3 += 4; if ((flags & 0x2000000) != 0) { num3 += 8; } if (bGenerateMIC) { num3 += 0x10; } byte[] bytes = Encoding.Unicode.GetBytes(sDomainName); byte[] buffer = Encoding.Unicode.GetBytes(sUser); byte[] buffer3 = Encoding.Unicode.GetBytes(sWorkstation); int num4 = num3; int num5 = num4 + bytes.Length; int num6 = num5 + buffer.Length; int num7 = num6 + buffer3.Length; int num8 = num7 + lmChallengeResponse.Length; int num9 = num8 + ntChallengeResponse.Length; packet.WriteLittleEndian16((ushort)lmChallengeResponse.Length); packet.WriteLittleEndian16((ushort)lmChallengeResponse.Length); packet.WriteLittleEndian32(num7); num3 += lmChallengeResponse.Length; packet.WriteLittleEndian16((ushort)ntChallengeResponse.Length); packet.WriteLittleEndian16((ushort)ntChallengeResponse.Length); packet.WriteLittleEndian32(num8); num3 += ntChallengeResponse.Length; packet.WriteLittleEndian16((ushort)bytes.Length); packet.WriteLittleEndian16((ushort)bytes.Length); packet.WriteLittleEndian32(num4); num3 += bytes.Length; packet.WriteLittleEndian16((ushort)buffer.Length); packet.WriteLittleEndian16((ushort)buffer.Length); packet.WriteLittleEndian32(num5); num3 += buffer.Length; packet.WriteLittleEndian16((ushort)buffer3.Length); packet.WriteLittleEndian16((ushort)buffer3.Length); packet.WriteLittleEndian32(num6); num3 += buffer3.Length; packet.WriteLittleEndian16((ushort)EncryptedRandomSessionKey.Length); packet.WriteLittleEndian16((ushort)EncryptedRandomSessionKey.Length); packet.WriteLittleEndian32(num9); num3 += EncryptedRandomSessionKey.Length; packet.WriteLittleEndian32(flags); if ((flags & 0x2000000) != 0) { this.WriteVersion(packet); } long num10 = packet.Position; if (bGenerateMIC) { packet.WritePadding(0x10); } packet.Write(bytes, 0, bytes.Length); packet.Write(buffer, 0, buffer.Length); packet.Write(buffer3, 0, buffer3.Length); packet.Write(lmChallengeResponse, 0, lmChallengeResponse.Length); packet.Write(ntChallengeResponse, 0, ntChallengeResponse.Length); packet.Write(EncryptedRandomSessionKey, 0, EncryptedRandomSessionKey.Length); if (bGenerateMIC) { packet.Position = 0L; byte[] buffer4 = new byte[packet.Length]; packet.Read(buffer4, 0, buffer4.Length); HMACT64 hmact = new HMACT64(ExportedSessionKey); hmact.update(this.m_NegotiateMsg); hmact.update(this.m_ChallengeMsg); hmact.update(buffer4); byte[] buffer5 = hmact.digest(); packet.Position = num10; packet.Write(buffer5, 0, buffer5.Length); } packet.Position = 0L; byte[] buffer6 = new byte[packet.Length]; packet.Read(buffer6, 0, buffer6.Length); return(buffer6); }
internal static int parseCryptInfo(RdpPacket data) { int num2 = 0; int num3 = 0; int num4 = 0; int num5 = 0; int num6 = 0; int num7 = 0; num7 = data.getLittleEndian32(); if (data.getLittleEndian32() == 0) { if (!Network.SSLConnection) { throw new RDFatalException("Server does not support encrypted connections!"); } return(0); } int count = data.getLittleEndian32(); num2 = data.getLittleEndian32(); if (count != 0x20) { string[] strArray = new string[] { "Wrong size of random key size! Accepted ", count.ToString(), " but ", 0x20.ToString(), "!" }; throw new RDFatalException(string.Concat(strArray)); } m_Server_Random = new byte[count]; data.Read(m_Server_Random, 0, count); num6 = ((int)data.Position) + num2; if (num6 > data.Length) { throw new RDFatalException("Crypt Info too short!"); } if ((data.getLittleEndian32() & 1) != 0) { data.Position += 8L; while (data.Position < data.Length) { num3 = data.getLittleEndian16(); num4 = data.getLittleEndian16(); num5 = ((int)data.Position) + num4; switch (num3) { case 6: if (parsePublicKey(data)) { break; } return(0); } data.Position = num5; } return(num7); } int num9 = data.getLittleEndian32(); int num10 = 0; if (num9 < 2) { throw new RDFatalException("Illegal number of certificates " + num9.ToString()); } while (num9 > 2) { num10 = data.getLittleEndian32(); data.Position += num10; num9--; } byte[] buffer = new byte[data.getLittleEndian32()]; data.Read(buffer, 0, buffer.Length); X509Certificate certificate = new X509Certificate(buffer); m_Server_Public_Key = new byte[StaticSettings.SecureValue1]; Array.Copy(certificate.GetPublicKey(), 5, m_Server_Public_Key, 0, StaticSettings.SecureValue1); byte[] buffer2 = new byte[data.getLittleEndian32()]; data.Read(buffer2, 0, buffer2.Length); X509Certificate certificate2 = new X509Certificate(buffer2); m_Server_Public_Key = new byte[StaticSettings.SecureValue1]; Array.Copy(certificate2.GetPublicKey(), 5, m_Server_Public_Key, 0, StaticSettings.SecureValue1); RDPClient.readCert = true; return(num7); }
public void Parse(RdpPacket packet) { NTLM.AV_ID av_id; byte[] buffer = null; do { av_id = (NTLM.AV_ID)packet.getLittleEndian16(); int count = packet.getLittleEndian16(); if (count > 0) { if (av_id != NTLM.AV_ID.MsvAvFlags) { buffer = new byte[count]; packet.Read(buffer, 0, count); } else { this.Flags = packet.getLittleEndian32(); } } switch (av_id) { case NTLM.AV_ID.MsvAvNbComputerName: this.NbComputerName.length = count; this.NbComputerName.value = buffer; this.sNbComputerName = Encoding.Unicode.GetString(this.NbComputerName.value, 0, this.NbComputerName.value.Length); break; case NTLM.AV_ID.MsvAvNbDomainName: this.NbDomainName.length = count; this.NbDomainName.value = buffer; this.sNbDomainName = Encoding.Unicode.GetString(this.NbDomainName.value, 0, this.NbDomainName.value.Length); break; case NTLM.AV_ID.MsvAvDnsComputerName: this.DnsComputerName.length = count; this.DnsComputerName.value = buffer; this.sDnsComputerName = Encoding.Unicode.GetString(this.DnsComputerName.value, 0, this.DnsComputerName.value.Length); break; case NTLM.AV_ID.MsvAvDnsDomainName: this.DnsDomainName.length = count; this.DnsDomainName.value = buffer; this.sDnsDomainName = Encoding.Unicode.GetString(this.DnsDomainName.value, 0, this.DnsDomainName.value.Length); break; case NTLM.AV_ID.MsvAvDnsTreeName: this.DnsTreeName.length = count; this.DnsTreeName.value = buffer; break; case NTLM.AV_ID.MsvAvTimestamp: this.Timestamp.length = count; this.Timestamp.value = buffer; break; case NTLM.AV_ID.MsvAvRestrictions: this.Restrictions.length = count; this.Restrictions.value = buffer; break; case NTLM.AV_ID.MsvAvTargetName: this.TargetName.length = count; this.TargetName.value = buffer; break; case NTLM.AV_ID.MsvChannelBindings: this.ChannelBindings.length = count; this.ChannelBindings.value = buffer; break; } }while (av_id != NTLM.AV_ID.MsvAvEOL); }
public byte[] Serialise() { RdpPacket packet = new RdpPacket(); if (this.NbDomainName.length > 0) { packet.WriteLittleEndian16((short)2); packet.WriteLittleEndian16((short)this.NbDomainName.length); packet.Write(this.NbDomainName.value, 0, this.NbDomainName.length); } if (this.NbComputerName.length > 0) { packet.WriteLittleEndian16((short)1); packet.WriteLittleEndian16((short)this.NbComputerName.length); packet.Write(this.NbComputerName.value, 0, this.NbComputerName.length); } if (this.DnsDomainName.length > 0) { packet.WriteLittleEndian16((short)4); packet.WriteLittleEndian16((short)this.DnsDomainName.length); packet.Write(this.DnsDomainName.value, 0, this.DnsDomainName.length); } if (this.DnsComputerName.length > 0) { packet.WriteLittleEndian16((short)3); packet.WriteLittleEndian16((short)this.DnsComputerName.length); packet.Write(this.DnsComputerName.value, 0, this.DnsComputerName.length); } if (this.DnsTreeName.length > 0) { packet.WriteLittleEndian16((short)5); packet.WriteLittleEndian16((short)this.DnsTreeName.length); packet.Write(this.DnsTreeName.value, 0, this.DnsTreeName.length); } if (this.Timestamp.length > 0) { packet.WriteLittleEndian16((short)7); packet.WriteLittleEndian16((short)this.Timestamp.length); packet.Write(this.Timestamp.value, 0, this.Timestamp.length); } if (this.Flags != 0) { packet.WriteLittleEndian16((short)6); packet.WriteLittleEndian16((short)4); packet.WriteLittleEndian32(this.Flags); } if (this.Restrictions.length > 0) { packet.WriteLittleEndian16((short)8); packet.WriteLittleEndian16((short)this.Restrictions.length); packet.Write(this.Restrictions.value, 0, this.Restrictions.length); } if (this.ChannelBindings.length > 0) { packet.WriteLittleEndian16((short)10); packet.WriteLittleEndian16((short)this.ChannelBindings.length); packet.Write(this.ChannelBindings.value, 0, this.ChannelBindings.length); } if (this.TargetName.value != null) { packet.WriteLittleEndian16((short)9); packet.WriteLittleEndian16((short)this.TargetName.length); packet.Write(this.TargetName.value, 0, this.TargetName.length); } packet.WriteLittleEndian16((short)0); packet.WriteLittleEndian16((short)0); packet.WritePadding(8); byte[] buffer = new byte[packet.Length]; packet.Position = 0L; packet.Read(buffer, 0, buffer.Length); return(buffer); }
public void append(RdpPacket value) { byte[] buffer = new byte[value.Length - value.Position]; value.Read(buffer, 0, buffer.Length); Write(buffer, 0, buffer.Length); }