RDP Connection Issue/Error

[ChrisTruncer]

Hi there,

I'm attempting to loop over connecting to multiple machines via RDP, and I'm getting an error in rdpy. If I'm writing this code wrong, I'd love to know, otherwise I wanted to report this bug to you. The pastebin here (http://pastebin.com/3Rx4vd5B) shows the error that I'm getting. The top is the error, the bottom part is the specific function I am using to connect via RDP and make a screenshot.

If you need to see my full code, it's here - https://github.com/ChrisTruncer/EyeWitness/tree/Eyewitness_deaux_Shmoo

[ChrisTruncer]

This is only happening when I am providing a file for input (and it's looping over connecting to multiple machines). When I connect to a single machine to screenshot, it works perfect. The problem is only when I'm looping.

Also, when I encounter that issue with looping, I am only getting back black screens as the screenshot.

[citronneur]

Hi,

I will test your script.

First things i saw, i think you need to create only one reactor and only one app by script, not in your function.

As param of your function

create application

app = QtGui.QApplication(sys.argv)

At header of your script

add qt4 reactor

import qt4reactor qt4reactor.install() from twisted.internet import reactor

And then you need to call reactor.runReturn() app.exec_() only one time by script calling.

After, what kind of target is (windows xp or seven or 8)?

[ChrisTruncer]

Also, I just got this error when trying to RDP into a single computer - http://pastebin.com/4wzVC89L

[ChrisTruncer]

I'm testing these against systems on the internet that have RDP open. I don't know their exact operating systems, but I can provide IP addresses if you need it. Just let me know and I can DM them to you over twitter.

As for creating the reactor, I am only doing that once (I learned that after a lot of trial and error :)). That function (screenshotrdp) is only being called once. The loop is inside that function, but the creation of the reactor and the reactor.runReturn() app.exec() is outside of the loop, and only executed once.

[citronneur]

Ok,

The first error is normal. It's certainly a windows XP that doesn't support SSL connection. RDPY doesn't support old version of XP (SP1 and SP2). Sorry...

rdpy.base.error.InvalidExpectedDataException: negotiation failure code 2 -> SSL_NOT_ALLOWED_BY_SERVER = 0x00000002

[ChrisTruncer]

That first error is from a Server 2003 box (just confirmed). Is there any way possible to support the older versions of RDP? It might not be, but figured I'd ask if it was something for a future update.

[ChrisTruncer]

Also, where would be the best place to catch any of these errors? I'm trying to do something similar to this for a proof of concept:

try: reactor.connectTCP( ip_rdp, int(port_rdp), rdp_screenshot.RDPScreenShotFactory( width, height, rdp_object.rdp_screenshot_path, timeout, reactor, app)) except: print "Error here"

But that won't catch it. Any thoughts?

By the way, just wanted to say I really appreciate all your help working on this. Thank you for it!

[citronneur]

The security layer use in old version of RDP is not supported in futur release. If you really need it, I can plan it.

For the second error i push a commit on hotfix branch. Can you try it?

Thanks.

[ChrisTruncer]

I just tested the hotfix branch, that fix works perfectly! :)

[citronneur]

I think try catch over the reactor.runReturn()

[ChrisTruncer]

Here's the rdpy-rdpscreenshot slightly modified with the try except covering all of "main" - http://pastebin.com/GUMQq3GV

It looks like it SHOULD catch the error, but it doesn't. I'm a little confused at this, and didn't know if you had an idea.

[citronneur]

There is no magic error handling. The only thing i found is: http://stackoverflow.com/questions/6962738/twisted-unhandled-error

I push som other things in screenshot script that is usefull in your context. Reactor stop after all is Done.

Sylvain

[ChrisTruncer]

Sweet, I'll test that out.

To address your earlier question, I personally would really love see RDPY include support for older versions of RDP (Windows XP, Server 2003, etc.). When I go on security tests, we definitely still see Windows XP and Server 2003 in environments, so having that support would be awesome.

Thanks again for all of your help, I really appreciate it!

[ChrisTruncer]

Actually, I'll go ahead and create a separate issue for that since it is off topic.

Thanks!