Network configuration problems

[Chomikmarkus]

Hello! Have installed pyrdp on my VPS machine, (with ip82.221.123.4, for example) On my another VPS machine(same subnet,with ip:82.221.123.56, for example) i installed xrdp! So running next command: pyrdp-mitm.py 82.221.123.56 --- no output or whatever kind reaction from pyrdp when i log to my machine xrdp session same situation is when i run it with docker container!

key.pem             pyrdp-mitm.pypyrdp-clonecert.py  pyrdp_output
(venv) root@vps158041:~/pyrdp/bin# pyrdp-mitm.py 78.221.*.*

[2021-11-14 11:10:52,780] - INFO - GLOBAL - pyrdp.mitm - Target: 78.221.*.*:3389
[2021-11-14 11:10:52,790] - INFO - GLOBAL - pyrdp.mitm - Out
^@^C
[2021-11-14 11:11:28,351] - INFO - GLOBAL - pyrdp - MITM terminated 
11:10:52,792] - INFO - GLOBAL - pyrdp - MITM Ser
[2021-11-14 11:11:28,353] - INFO - GLOBAL - pyrdp.mitm - Target: 82.221.141.134:3389
[2021-11-14 11:11:28,354] - INFO - GLOBAL - pyrdp.mitm - Output directory: /root/pyrdp/bin/pyrdp_output
(venv) root@vps158041:~/pyrdp/bin# pyrdp-mitm.py 78.221.*.* -i 78.221.*.8
[2021-11-14 11:11:47,986] - INFO - GLOBAL - pyrdp.mitm - Target: 78.221.*.*:3389
[2021-11-14 11:11:47,986] - INFO - GLOBAL - pyrdp.mitm - Output directory: /root/pyrdp/bin/pyrdp_output
[2021-11-14 11:11:47,987] - INFO - GLOBAL - pyrdp - MITM Server listening on 0.0.0.0:3389

[obilodeau]

PyRDP doesn't do the network-level monster-in-the-middle (MITM) attack on its own. You need another tool to do that. You can use bettercap to achieve ARP poison and combine it with L3 transparent proxying to achieve that. Read more about transparent proxying here.

To start with a simpler test, the client should connect to the pyrdp machine 82.221.123.4 and you should run pyrdp-mitm.py with:

pyrdp-mitm.py 82.221.123.56

We are tracking the fact that we could simplify the setup via issue #266.

[Chomikmarkus]

Thanks gonna take a look,and come back to you!