search

GoSecure / pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
https://www.gosecure.net/blog/2020/10/20/announcing-pyrdp-1/
GNU General Public License v3.0
1.55k stars 248 forks source link

Can't connect on Windows Server in Remote Desktop Services mode #245

Open obilodeau opened 4 years ago

obilodeau commented 4 years ago

Windows 2016, activated Remote Desktop Services (RDS) in non-domain mode, using "Add Roles and Features" from the Local Server dashboard.

After a reboot, I could no longer connect using RDP with PyRDP active.

Stacktrace:

[2020-09-18 18:54:14,900] - ERROR - Debbie217777 - pyrdp.mitm.connections.tcp - Exception occurred when receiving: 0300000b06e00000000000

Traceback (most recent call last):
  File "/opt/venv/lib/python3.6/site-packages/twisted/python/log.py", line 103, in callWithLogger                                             
    return callWithContext({"system": lp}, func, *args, **kw)                              
  File "/opt/venv/lib/python3.6/site-packages/twisted/python/log.py", line 86, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/opt/venv/lib/python3.6/site-packages/twisted/python/context.py", line 122, in callWithContext                                                         
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/opt/venv/lib/python3.6/site-packages/twisted/python/context.py", line 85, in callWithContext                                                          
    return func(*args,**kw)                                                            
--- <exception caught here> ---
  File "/opt/venv/lib/python3.6/site-packages/twisted/internet/asyncioreactor.py", line 136, in _readOrWrite
    why = method()
  File "/opt/venv/lib/python3.6/site-packages/twisted/internet/tcp.py", line 243, in doRead
    return self._dataReceived(data)
  File "/opt/venv/lib/python3.6/site-packages/twisted/internet/tcp.py", line 249, in _dataReceived
    rval = self.protocol.dataReceived(data)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/tcp.py", line 91, in dataReceived
    self.recv(data)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 143, in recv
    self.pduReceived(pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 198, in pduReceived
    self.next.recv(pdu.payload)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/segmentation.py", line 79, in recv
    layer.recv(forwarded)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/buffered.py", line 55, in recv
    self.pduReceived(pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 198, in pduReceived
    self.next.recv(pdu.payload)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 143, in recv
    self.pduReceived(pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 195, in pduReceived
    Layer.pduReceived(self, pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 110, in pduReceived
    self.observer.onPDUReceived(pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/core/observer.py", line 82, in __call__
    self.composite.doCall(self.item, args, kwargs)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/core/observer.py", line 56, in doCall
    getattr(observer, item)(*args, **kwargs)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/layer/layer.py", line 48, in onPDUReceived
    self.handlers[pdu.header](pdu)
  File "/opt/venv/lib/python3.6/site-packages/pyrdp-0.4.2.dev0-py3.6-linux-x86_64.egg/pyrdp/mitm/X224MITM.py", line 62, in onConnectionRequest
    if self.originalRequest.flags & NegotiationRequestFlags.RESTRICTED_ADMIN_MODE_REQUIRED:
builtins.TypeError: unsupported operand type(s) for &: 'NoneType' and 'NegotiationRequestFlags'

There's probably something different in the connection flow that we need to adapt.

obilodeau commented 4 years ago

You can easily gain back access by right-clicking on the feature in the server feature pane and selecting "remove feature". Request a forced reboot (it's an option. I'm not sure if you lose access or not).