=======================================
rdpproxy: Man-in-the-middle RDP sniffer
Matt Chapman <matthewc@cse.unsw.edu.au>
Modified by Erik Forsberg <forsberg at cendio dot se>


NOTE: This is a tool for developers, so it is a bit rough around the
edges :)

RDP4
----
Old Microsoft RDP4 clients should work "out of the box", although with
this version of rdpproxy they don't. I don't know why.

RDP5, Administration mode
-------------------------
You will need to replace tsprivkey.der with the private key from your
Terminal Server. rdpproxy needs that key to sit between client and
server, and so does anyone else who gets hold of it, so protect the
extracted file like the server itself. To get it, dump the server's LSA
secrets with Todd Sabin's lsadump2 (sold separately; it needs
administrator rights on the Terminal Server). Then pass the output of
lsadump2 through extractkey.pl (which just writes that particular
secret out in binary) and finally through rsa2der, which turns the
binary key blob into the DER file.
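
The extractkey.pl and rsa2der steps above, as an added Python illustration (this is not rdesktop's extractkey.pl or rsa2der, whose exact input and output formats the README does not describe): it pulls one named secret out of an lsadump2-style text dump, parses the Microsoft "RSA2" private-key structure inside it, checks that the RSA parameters are self-consistent, and emits a PKCS#1 RSAPrivateKey in DER. Assumed here, not stated on this page: the LSA secret name L$HYDRAENCKEY_28ada6da-d622-11d1-9cb9-00c04fb16e75, the lsadump2 output layout (an unindented secret name, then indented lines of hex bytes with an ASCII column) and the PRIVATEKEYBLOB field order after the 'RSA2' header (bitlen, public exponent, modulus, p, q, dP, dQ, qInv, d, all little-endian). The sample dump is constructed from a deliberately tiny 16-bit toy key so the script runs offline.

```python
"""Extract a Terminal Server RSA private key from an lsadump2-style dump and
emit PKCS#1 DER (the extractkey.pl -> rsa2der steps).  Added illustration, not
rdesktop code; secret name, dump layout and blob layout are assumptions."""
import re
import struct
import sys
from math import gcd

SECRET_NAME = "L$HYDRAENCKEY_28ada6da-d622-11d1-9cb9-00c04fb16e75"  # assumed
HEX_PAIR = re.compile(r"^[0-9A-Fa-f]{2}$")
# Assumed PRIVATEKEYBLOB field order after the 'RSA2' header; sizes in units of bitlen/16.
RSA2_FIELDS = (("n", 2), ("p", 1), ("q", 1), ("dp", 1), ("dq", 1), ("qinv", 1), ("d", 2))


def parse_secret(dump, name):
    """extractkey.pl step: return the raw bytes of secret `name` from the dump."""
    out, in_secret = bytearray(), False
    for line in dump.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # unindented line = a secret name
            if in_secret:
                break                      # reached the next secret
            in_secret = line.strip() == name
            continue
        if not in_secret:
            continue
        taken = 0
        for tok in line.split():
            # Stop at the ASCII column: at most 16 bytes per line, and the
            # column is never a lone two-character hex pair in practice.
            if taken == 16 or not HEX_PAIR.match(tok):
                break
            out.append(int(tok, 16))
            taken += 1
    if not out:
        raise KeyError(f"secret {name!r} not found or empty")
    return bytes(out)


def parse_rsa2(blob):
    """rsa2der step 1: parse the RSA2 structure found anywhere inside `blob`."""
    off = blob.find(b"RSA2")
    if off < 0:
        raise ValueError("no RSA2 magic in secret")
    bitlen, pubexp = struct.unpack_from("<II", blob, off + 4)
    if bitlen == 0 or bitlen % 16:
        raise ValueError(f"implausible bitlen {bitlen}")
    half, pos, key = bitlen // 16, off + 12, {"e": pubexp}
    for fname, units in RSA2_FIELDS:
        chunk = blob[pos:pos + units * half]
        if len(chunk) != units * half:
            raise ValueError("secret truncated inside the key blob")
        key[fname] = int.from_bytes(chunk, "little")
        pos += len(chunk)
    return key


def check_key(k):
    """Consistency check: a wrong layout or offset fails here, not inside rdpproxy."""
    p, q, n, e, d = k["p"], k["q"], k["n"], k["e"], k["d"]
    if p < 2 or q < 2 or p * q != n:
        return False
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (e * d % lam == 1 and d % (p - 1) == k["dp"] and d % (q - 1) == k["dq"]
            and q * k["qinv"] % p == 1 and pow(pow(42, e, n), d, n) == 42 % n)


def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def der_int(v):
    b = v.to_bytes((v.bit_length() + 8) // 8, "big")  # leading 0x00 when top bit set
    return b"\x02" + der_len(len(b)) + b


def rsa_private_key_der(k):
    """rsa2der step 2: PKCS#1 RSAPrivateKey (version 0), DER encoded."""
    ints = (0, k["n"], k["e"], k["d"], k["p"], k["q"], k["dp"], k["dq"], k["qinv"])
    body = b"".join(der_int(x) for x in ints)
    return b"\x30" + der_len(len(body)) + body


def extract_key_der(dump, name=SECRET_NAME):
    key = parse_rsa2(parse_secret(dump, name))
    if not check_key(key):
        raise ValueError("inconsistent RSA parameters: wrong blob layout?")
    return rsa_private_key_der(key)


# --- constructed fixture: a 16-bit toy key rendered as an lsadump2-style dump ---
TOY_KEY = {"n": 3233, "e": 17, "d": 2753, "p": 61, "q": 53, "dp": 53, "dq": 49, "qinv": 38}


def build_rsa2_blob(k, bitlen):
    half = bitlen // 16
    body = b"".join(k[f].to_bytes(units * half, "little") for f, units in RSA2_FIELDS)
    return b"RSA2" + struct.pack("<II", bitlen, k["e"]) + body


def render_dump(name, blob):
    lines = [name]
    for i in range(0, len(blob), 16):
        chunk = blob[i:i + 16]
        hexpart = " ".join(f"{b:02X}" for b in chunk).ljust(47)
        asc = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f" {hexpart}  {asc}")
    return "\n".join(lines) + "\n"


SAMPLE_DUMP = (render_dump("SomeOtherSecret", bytes(range(20)))   # constructed filler secret
               + render_dump(SECRET_NAME, b"\x00" * 8 + build_rsa2_blob(TOY_KEY, 16)))

if __name__ == "__main__":
    dump = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_DUMP
    sys.stdout.buffer.write(extract_key_der(dump))
```

Usage against a real dump would be `python extract_tskey.py lsadump2-output.txt > tsprivkey.der`. The consistency check in check_key is the part worth keeping whatever the real layout turns out to be: if the blob on your server has a different header or field padding, the CRT parameters will not agree and the script refuses to write a key, which is better than handing rdpproxy a file that silently fails to decrypt anything.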

RDP5, Application mode
----------------------
This works as it should as far as I can see.


=======================================
pparser.py: Parser for turning rdpproxy output into readable form.
Erik Forsberg <forsberg at cendio dot se>

pparser.py can be used to get a more readable form of the packet trace
output by rdpproxy. Like rdpproxy, it is a developer tool, so its
usability may sometimes be.. uhm.. challenging :-).

pparser.py can output several formats, but basically only the TXT
format is interesting unless you are writing a master's thesis :-).

pparser.py can separate packets by the channel they occur on, so it
might very well be useful when developing support for new virtual
channels such as sound and local drive redirection.

In order to work, pparser.py expects ../keymaps to exist.