Closed ner00 closed 3 years ago
I get the following error from the client when connecting to the honeypot:
Because of a protocol error, this session will be disconnected. Please try connecting to the remote computer again.
First, I used rdpy-rdpmitm.py to run the MITM server and record the RSS file: root@root:~# rdpy-rdpmitm.py -o /root/rss/ 192.168.0.100
root@root:~# rdpy-rdpmitm.py -o /root/rss/ 192.168.0.100
This recorded 2 files:
20180401215207_192.168.0.100_1.rss 20180401215208_192.168.0.100_2.rss
The first one has only 10KB and the second has 7MB. The 10KB file was not accepted by the honeypot as argument, but the 2nd file is accepted.
So, I tried using the second recorded session file with the honeypot:
root@root:~# rdpy-rdphoneypot.py /root/rss/20180401215208_192.168.0.100_2.rss [*] INFO: Build size map [*] INFO: (1920, 1080) -> /root/rss/20180401215208_192.168.0.100_2.rss
But then, when I connect a client to the honeypot, it gets disconnected with the following error (client side):
On the honeypot console I get the following:
[*] INFO: Connection from 192.168.0.100:24664 [*] INFO: Connection from 192.168.0.100:24665 [*] INFO: select file (1920, 1080) -> /root/rss/20180401215208_192.168.0.100_2.rss [*] INFO: Credentials: domain: username: password: hostname: DESKTOP-ASJ3R1 [*] INFO: Credentials: domain: username: password: hostname: DESKTOP-ASJ3R1
What am I doing wrong?
I get the following error from the client when connecting to the honeypot:
First, I used rdpy-rdpmitm.py to run the MITM server and record the RSS file:
root@root:~# rdpy-rdpmitm.py -o /root/rss/ 192.168.0.100This recorded 2 files:
The first one has only 10KB and the second has 7MB. The 10KB file was not accepted by the honeypot as argument, but the 2nd file is accepted.
So, I tried using the second recorded session file with the honeypot:
But then, when I connect a client to the honeypot, it gets disconnected with the following error (client side):
On the honeypot console I get the following:
What am I doing wrong?