Closed therokh closed 6 years ago
I am using Python 3.4.5.
I was able to work around this by changing the various lines in parsing.py that had the following: regex = b".*%s0002000000" % hexlify(b"NTLMSSP")
replace the % symbol with +
Your change breaks things. I would not expect the program to work properly.
Looks like you need at least Python 3.5 to use Seth.
https://mail.python.org/pipermail/python-dev/2014-March/133621.html
Hi, I'm encountering an error when trying to connect to the RDP proxy:
./seth.sh ens192 10.3.201.10 10.3.201.50 10.3.201.20
[] Spoofing arp replies... [] Turning on IP forwarding... [] Set iptables rules for SYN packets... [] Waiting for a SYN packet to the original destination... [+] Got it! Original destination is 10.3.201.20 [] Clone the x509 certificate of the original destination... [] Adjust the iptables rule for all packets... [*] Run RDP proxy...
Listening for new connection Connection received from 10.3.201.50:22750 Downgrading authentication options from 11 to 3 Listening for new connection Enable SSL Exception in thread Thread-1: Traceback (most recent call last): File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner self.run() File "/opt/Seth/seth/main.py", line 47, in run self.forward_data() File "/opt/Seth/seth/main.py", line 171, in forward_data self.save_vars(parse_rdp(data, self.vars, From=From)) File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From)) File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet regex = b".*%s0002000000" % hexlify(b"NTLMSSP") TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'
Connection received from 10.3.201.50:22751 Listening for new connection Downgrading authentication options from 11 to 3 Enable SSL Exception in thread Thread-2: Traceback (most recent call last): File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner self.run() File "/opt/Seth/seth/main.py", line 47, in run self.forward_data() File "/opt/Seth/seth/main.py", line 171, in forward_data self.save_vars(parse_rdp(data, self.vars, From=From)) File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From)) File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet regex = b".*%s0002000000" % hexlify(b"NTLMSSP") TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'
The real host is Windows Server 2012 R2