search

SySS-Research / Seth

Perform a MitM attack and extract clear text credentials from RDP connections
MIT License
1.38k stars 325 forks source link

unsupported operand type(s) for %: 'bytes' and 'bytes' #18

Closed therokh closed 6 years ago

therokh commented 6 years ago

Hi, I'm encountering an error when trying to connect to the RDP proxy:

./seth.sh ens192 10.3.201.10 10.3.201.50 10.3.201.20

[] Spoofing arp replies... [] Turning on IP forwarding... [] Set iptables rules for SYN packets... [] Waiting for a SYN packet to the original destination... [+] Got it! Original destination is 10.3.201.20 [] Clone the x509 certificate of the original destination... [] Adjust the iptables rule for all packets... [*] Run RDP proxy...

Listening for new connection Connection received from 10.3.201.50:22750 Downgrading authentication options from 11 to 3 Listening for new connection Enable SSL Exception in thread Thread-1: Traceback (most recent call last): File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner self.run() File "/opt/Seth/seth/main.py", line 47, in run self.forward_data() File "/opt/Seth/seth/main.py", line 171, in forward_data self.save_vars(parse_rdp(data, self.vars, From=From)) File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From)) File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet regex = b".*%s0002000000" % hexlify(b"NTLMSSP") TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'

Connection received from 10.3.201.50:22751 Listening for new connection Downgrading authentication options from 11 to 3 Enable SSL Exception in thread Thread-2: Traceback (most recent call last): File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner self.run() File "/opt/Seth/seth/main.py", line 47, in run self.forward_data() File "/opt/Seth/seth/main.py", line 171, in forward_data self.save_vars(parse_rdp(data, self.vars, From=From)) File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From)) File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet regex = b".*%s0002000000" % hexlify(b"NTLMSSP") TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'

The real host is Windows Server 2012 R2

therokh commented 6 years ago

I am using Python 3.4.5.

I was able to work around this by changing the various lines in parsing.py that had the following: regex = b".*%s0002000000" % hexlify(b"NTLMSSP")

replace the % symbol with +

AdrianVollmer commented 6 years ago

Your change breaks things. I would not expect the program to work properly.

Looks like you need at least Python 3.5 to use Seth.

https://mail.python.org/pipermail/python-dev/2014-March/133621.html