Open Res260 opened 4 years ago
We are planning to release 1.1.0 in the next month or so. Do you feel like working on this to make the cut or not?
Probably not, it would require a lot of testing and require changes to a lot of parts on the code base. I might be overestimating the effort, though. If someone wants to work on it I can share what I did.
You can open a draft PR if you want but it's not a necessity since we are not going to work on this for 1.1.0. Thanks for the quick reply.
Right now, when receiving the clientData PDU (MCS connect initial, https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/db6713ee-1c0e-4064-a3b3-0fac30b4037b), PyRDP only parses the 3 required data blocks (clientCoreData, clientSecurityData, clientNetworkData) and one optionnal data block (clientClusterData).
However, more data blocks exist (see link above) such as one for multi-monitor support. This prevents more than one monitor to be used for an RDP connection through PyRDP which can reveal a MITM usage.
I worked a bit on this, I’ll submit a draft PR soon.
TODO:
EXTENDED_CLIENT_DATA_SUPPORTED
flag (currently flags are hardcoded to0x00
) (ref https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/b2975bdc-6d56-49ee-9c57-f2ff3a0b6817)