Пример #1
0
    void recv(InStream & stream, uint16_t len) override {
        this->len = len;

        /* terminalDescriptor(16) + pad4octetsA(4) + desktopSaveXGranularity(2) + desktopSaveYGranularity(2) +
         * pad2octetsA(2) + maximumOrderLevel(2) + numberFonts(2) + orderFlags(2) + orderSupport(NB_ORDER_SUPPORT) +
         * textFlags(2) + orderSupportExFlags(2) + pad4octetsB(4) + desktopSaveSize(4) + pad2octetsC(2) +
         * pad2octetsD(2) + textANSICodePage(2) + pad2octetsE(2)
         */
        const unsigned expected = 32 + NB_ORDER_SUPPORT + 20;
        if (!stream.in_check_rem(expected)){
            LOG(LOG_ERR, "Truncated OrderCaps, need=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_MCS_PDU_TRUNCATED);
        }

        stream.in_copy_bytes(this->terminalDescriptor, 16);
        this->pad4octetsA = stream.in_uint32_le();
        this->desktopSaveXGranularity = stream.in_uint16_le();
        this->desktopSaveYGranularity = stream.in_uint16_le();
        this->pad2octetsA = stream.in_uint16_le();
        this->maximumOrderLevel = stream.in_uint16_le();
        this->numberFonts = stream.in_uint16_le();
        this->orderFlags = stream.in_uint16_le();
        stream.in_copy_bytes(this->orderSupport, NB_ORDER_SUPPORT);
        this->textFlags = stream.in_uint16_le();
        this->orderSupportExFlags = stream.in_uint16_le();
        this->pad4octetsB = stream.in_uint32_le();
        this->desktopSaveSize = stream.in_uint32_le();
        this->pad2octetsC = stream.in_uint16_le();
        this->pad2octetsD = stream.in_uint16_le();
        this->textANSICodePage = stream.in_uint16_le();
        this->pad2octetsE = stream.in_uint16_le();
    }
 void recv(InStream & stream) {
     // size_t size;
     this->RespType = stream.in_uint8();
     this->HiRespType = stream.in_uint8();
     stream.in_skip_bytes(2);
     stream.in_skip_bytes(4);
     stream.in_copy_bytes(this->Timestamp, 8);
     stream.in_copy_bytes(this->ClientChallenge, 8);
     stream.in_skip_bytes(4);
     this->AvPairList.recv(stream);
     stream.in_skip_bytes(4);
 }
    explicit PlainNotify_Recv(InStream & stream) {
        memset(Pad, 0, sizeof(Pad));

        const unsigned expected = 576;  // Pad(576)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Plain Notify (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        stream.in_copy_bytes(this->Pad, sizeof(this->Pad));
    }
    explicit LogonInfoVersion2_Recv(InStream & stream) :
    Version(0),
    Size(0),
    SessionId(0),
    cbDomain(0),
    cbUserName(0) {
        memset(Pad,      0, sizeof(Pad));
        memset(Domain,   0, sizeof(Domain));
        memset(UserName, 0, sizeof(UserName));

        unsigned expected = 2 +     // Version(2)
                            4 +     // Size(4)
                            4 +     // SessionId(4)
                            4 +     // cbDomain(4)
                            4 +     // cbUserName(4)
                            558;    // Pad(558)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 2 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        this->Version    = stream.in_uint16_le();
        this->Size       = stream.in_uint32_le();
        this->SessionId  = stream.in_uint32_le();
        this->cbDomain   = stream.in_uint32_le();
        this->cbUserName = stream.in_uint32_le();

        stream.in_copy_bytes(this->Pad, sizeof(this->Pad));

        expected = this->cbDomain +
                   this->cbUserName;    // SessionId(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 2 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        stream.in_uni_to_ascii_str(this->Domain, this->cbDomain,
            sizeof(this->Domain));
        stream.in_uni_to_ascii_str(this->UserName, this->cbUserName,
            sizeof(this->UserName));

        LOG(LOG_INFO,
            "Logon Info Version 2 (data): Domain=\"%s\" UserName=\"%s\" SessionId=%d",
            this->Domain, this->UserName, this->SessionId);
    }   // LogonInfoVersion2_Recv(InStream & stream)
Пример #5
0
 void do_recv(char ** pbuffer, size_t len) override {
     size_t total_len = 0;
     while (total_len < len){
         size_t remaining = in_stream.in_remain();
         if (remaining >= (len - total_len)){
             in_stream.in_copy_bytes(*pbuffer + total_len, len - total_len);
             *pbuffer += len;
             return;
         }
         in_stream.in_copy_bytes(*pbuffer + total_len, remaining);
         total_len += remaining;
         switch (this->chunk_type){
         case PARTIAL_IMAGE_CHUNK:
         {
             const size_t header_sz = 8;
             char header_buf[header_sz];
             InStream header(header_buf);
             auto * p = header_buf;
             this->trans->recv(&p, header_sz);
             this->chunk_type = header.in_uint16_le();
             this->chunk_size = header.in_uint32_le();
             this->chunk_count = header.in_uint16_le();
             this->in_stream = InStream(this->buf, this->chunk_size - 8);
             p = this->buf;
             this->trans->recv(&p, this->chunk_size - 8);
         }
         break;
         case LAST_IMAGE_CHUNK:
             LOG(LOG_ERR, "Failed to read embedded image from WRM (transport closed)");
             throw Error(ERR_TRANSPORT_NO_MORE_DATA);
         default:
             LOG(LOG_ERR, "Failed to read embedded image from WRM");
             throw Error(ERR_TRANSPORT_READ_FAILED);
         }
     }
 }
    void recv(InStream & stream) {
        uint8_t const * pBegin = stream.get_current();
        bool res;
        res = this->message.recv(stream);
        if (!res) {
            LOG(LOG_ERR, "INVALID MSG RECEIVED type: %u", this->message.msgType);
        }
        this->LmChallengeResponse.recv(stream);
        this->NtChallengeResponse.recv(stream);
        this->DomainName.recv(stream);
        this->UserName.recv(stream);
        this->Workstation.recv(stream);
        this->EncryptedRandomSessionKey.recv(stream);
        this->negoFlags.recv(stream);
        if (this->negoFlags.flags & NTLMSSP_NEGOTIATE_VERSION) {
            this->version.recv(stream);
        }
        uint32_t min_offset = this->LmChallengeResponse.bufferOffset;
        if (this->NtChallengeResponse.bufferOffset < min_offset)
            min_offset = this->NtChallengeResponse.bufferOffset;
        if (this->DomainName.bufferOffset < min_offset)
            min_offset = this->DomainName.bufferOffset;
        if (this->UserName.bufferOffset < min_offset)
            min_offset = this->UserName.bufferOffset;
        if (this->Workstation.bufferOffset < min_offset)
            min_offset = this->Workstation.bufferOffset;
        if (this->EncryptedRandomSessionKey.bufferOffset < min_offset)
            min_offset = this->EncryptedRandomSessionKey.bufferOffset;
        if (min_offset + pBegin > stream.get_current()) {
            this->has_mic = true;
            stream.in_copy_bytes(this->MIC, 16);
        }
        else {
            this->has_mic = false;
        }

        // PAYLOAD
        this->LmChallengeResponse.read_payload(stream, pBegin);
        this->NtChallengeResponse.read_payload(stream, pBegin);
        this->DomainName.read_payload(stream, pBegin);
        this->UserName.read_payload(stream, pBegin);
        this->Workstation.read_payload(stream, pBegin);
        this->EncryptedRandomSessionKey.read_payload(stream, pBegin);
    }
 void recv(InStream & stream) {
     stream.in_copy_bytes(this->Response, 16);
     this->Challenge.recv(stream);
 }
 void recv(InStream & stream) {
     stream.in_copy_bytes(this->Response, 16);
     stream.in_copy_bytes(this->ClientChallenge, 8);
 }