diff -u rdesktop-1.4.1/rdesktop.c rdesktop-1.4.1-dic/rdesktop.c --- rdesktop-1.4.1/rdesktop.c 2005-04-23 00:12:28.000000000 +0200 +++ rdesktop-1.4.1-dic/rdesktop.c 2005-07-08 01:14:04.515625000 +0200 @@ -16,6 +16,11 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + + 2005-07-07 - Added dictionary support for automated login testing + patrik@cqure.net + */ #include /* va_list va_start va_end */ @@ -88,6 +93,7 @@ uint32 g_embed_wnd; uint32 g_rdp5_performanceflags = RDP5_NO_WALLPAPER | RDP5_NO_FULLWINDOWDRAG | RDP5_NO_MENUANIMATIONS; +FILE *g_logger = NULL; #ifdef WITH_RDPSND BOOL g_rdpsnd = False; @@ -100,6 +106,7 @@ extern RDPDR_DEVICE g_rdpdr_device[]; extern uint32 g_num_devices; extern char *g_rdpdr_clientname; +extern BOOL g_loggedon; #ifdef RDP2VNC extern int rfb_port; @@ -114,6 +121,7 @@ { fprintf(stderr, "rdesktop: A Remote Desktop Protocol client.\n"); fprintf(stderr, "Version " VERSION ". Copyright (C) 1999-2005 Matt Chapman.\n"); + fprintf(stderr, "Password guess patch by patrik@cqure.net\n"); fprintf(stderr, "See http://www.rdesktop.org/ for more information.\n\n"); fprintf(stderr, "Usage: %s [options] server[:port]\n", program); @@ -125,7 +133,7 @@ fprintf(stderr, " -d: domain\n"); fprintf(stderr, " -s: shell\n"); fprintf(stderr, " -c: working directory\n"); - fprintf(stderr, " -p: password (- to prompt)\n"); + fprintf(stderr, " -p: password (- to prompt,filename for dictionary)\n"); fprintf(stderr, " -n: client hostname\n"); fprintf(stderr, " -k: keyboard layout on server (en-us, de, sv, etc.)\n"); fprintf(stderr, " -g: desktop geometry (WxH)\n"); @@ -169,6 +177,7 @@ fprintf(stderr, " -0: attach to console\n"); fprintf(stderr, " -4: use RDP version 4\n"); fprintf(stderr, " -5: use RDP version 5 (default)\n"); + fprintf(stderr, " -l: logfile\n"); } void 
@@ -355,6 +364,41 @@ } +void +chomp( char *p ) +{ + while( *p ) + { + if (( '\r' == *p ) || ( '\n' == *p ) ) + *p = 0; + + *p++; + } +} + +int +logprintf( const char *format, ... ) +{ + + va_list args; + int i; + + va_start( args, format ); + + if ( g_logger ) { + i = vfprintf( g_logger, format, args ); + vprintf( format, args ); + } + else { + i = vprintf( format, args ); + } + + va_end( args ); + + return i; +} + + /* Client program */ int main(int argc, char *argv[]) @@ -365,11 +409,12 @@ char password[64]; char shell[128]; char directory[32]; + FILE *dicfile = NULL; BOOL prompt_password, deactivated; struct passwd *pw; uint32 flags, ext_disc_reason = 0; char *p; - int c; + int c, i; int username_option = 0; @@ -388,7 +433,7 @@ #endif while ((c = getopt(argc, argv, - VNCOPT "u:L:d:s:c:p:n:k:g:fbBeEmzCDKS:T:NX:a:x:Pr:045h?")) != -1) + VNCOPT "u:L:d:s:c:p:n:k:g:fbBeEmzCDKS:T:NX:a:x:Pr:045h?l:")) != -1) { switch (c) { @@ -437,6 +482,10 @@ prompt_password = True; break; } + else if ( (dicfile = fopen( optarg, "r" ) ) ) { + flags |= RDP_LOGON_AUTO; + break; + } STRNCPY(password, optarg, sizeof(password)); flags |= RDP_LOGON_AUTO; @@ -681,6 +730,13 @@ case '5': g_use_rdp5 = True; break; + case 'l': + if ( NULL == ( g_logger = fopen( optarg, "w" ) ) ) + { + fprintf(stderr, "Failed to open logfile (%s)\n", optarg); + return 1; + } + break; case 'h': case '?': 
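Review bot: In `logprintf`, when `g_logger` is set, `args` is handed to `vfprintf` and then to `vprintf` again; a `va_list` is indeterminate after the first call, so the second use is undefined behaviour and can print garbage or crash. Give the stdout echo its own copy with `va_copy` and `va_end` both lists (this is C99, so confirm the project's compiler baseline). Separately, `*p++;` in `chomp` dereferences and discards the value; `p++;` is what is meant.

```c
	va_list args;
	va_list echo;
	/* ... unchanged: int i; va_start( args, format ); ... */

	if ( g_logger ) {
		/* each v*printf call consumes its va_list, so stdout gets its own copy */
		va_copy( echo, args );
		i = vfprintf( g_logger, format, args );
		vprintf( format, echo );
		va_end( echo );
	}
	/* ... unchanged: else branch, va_end( args ), return i ... */
```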
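Review bot: The new `else if` in the `-p` case chooses between a literal password and a wordlist purely on whether `fopen( optarg, "r" )` succeeds. A mistyped wordlist path therefore falls through to `STRNCPY(password, optarg, sizeof(password))` and is sent to the server as the password, while a real password that happens to name a readable file is never used. A dedicated option, or at least a diagnostic stating which mode was selected, would remove the ambiguity. The added `break` also skips whatever follows the `STRNCPY` lines in this case, which lies outside the hunk, and a repeated `-p` overwrites `dicfile` without closing the earlier stream.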
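Review bot: `fopen( optarg, "w" )` in the `-l` case truncates any existing file, follows symlinks and creates the file with umask-default permissions. Given what the patch logs, this file presumably ends up holding account names and passwords for the tested host. Creating it with `open(optarg, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600)` followed by `fdopen(fd, "w")` keeps the results owner-readable only and never clobbers an existing path. No matching `fclose(g_logger)` is visible in the hunks shown.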
@@ -763,27 +819,76 @@ #endif rdpdr_init(); - if (!rdp_connect(server, flags, domain, password, shell, directory)) - return 1; + if ( !dicfile ) + if (!rdp_connect(server, flags, domain, password, shell, directory)) + return 1; /* By setting encryption to False here, we have an encrypted login packet but unencrypted transfer of other packets */ if (!packet_encryption) g_encryption = False; - - DEBUG(("Connection successful.\n")); - memset(password, 0, sizeof(password)); + if ( !dicfile ) + { + DEBUG(("Connection successful.\n")); + memset(password, 0, sizeof(password)); + } if (ui_create_window()) { - rdp_main_loop(&deactivated, &ext_disc_reason); + + if ( dicfile ) { + + logprintf("\nStarting dictionary attack against server %s\n", server); + logprintf("------------------------------------------"); + + for ( i=0; i= 2) @@ -1081,7 +1186,6 @@ } } - /* not all clibs got ltoa */ #define LTOA_BUFSIZE (sizeof(long) * 8 + 1) diff -u rdesktop-1.4.1/rdp.c rdesktop-1.4.1-dic/rdp.c --- rdesktop-1.4.1/rdp.c 2005-04-23 00:12:28.000000000 +0200 +++ rdesktop-1.4.1-dic/rdp.c 2005-07-08 01:06:06.234375000 +0200 @@ -16,6 +16,9 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + 2005-07-07 Addedd support for detecting failed/successful login attempts + */ #include @@ -64,6 +67,8 @@ static BOOL g_iconv_works = True; #endif +BOOL g_loggedon = False; + /* Receive an RDP packet */ static STREAM rdp_recv(uint8 * type) @@ -1241,6 +1246,7 @@ case RDP_DATA_PDU_LOGON: DEBUG(("Received Logon PDU\n")); + g_loggedon = True; /* User logged on */ break; @@ -1274,6 +1280,12 @@ while (cont) { + + if ( !g_loggedon ) + rdp_send_scancode( time(NULL), RDP_KEYPRESS, 1 ); + else + disc = True; + s = rdp_recv(&type); if (s == NULL) return False;
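Review bot: `memset(password, 0, sizeof(password));` is now guarded by `if ( !dicfile )`, so in wordlist mode the visible part of this hunk never scrubs the password buffer. The loop body after `for ( i=0;` is cut off on this page, so whether each candidate is cleared after use cannot be confirmed and should be checked. The new `if ( !dicfile ) if (!rdp_connect(...)) return 1;` nests two unbraced `if`s; brace the outer one so a later `else` cannot bind to the wrong condition. Also, `if (!packet_encryption) g_encryption = False;` now runs before any connection exists when `dicfile` is set, which may defeat the comment's stated intent of keeping the login packet encrypted.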
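Review bot: The block added at the top of the `while (cont)` loop in rdp.c is not conditional on wordlist mode, so every session of the patched client, including an ordinary interactive one, sends `rdp_send_scancode( time(NULL), RDP_KEYPRESS, 1 )` on each iteration until the Logon PDU arrives and then sets `disc = True`. How `disc` is consumed lies outside the hunk, but this looks like it ends normal sessions right after logon; gate the block on a flag that is set only when `-p` named a wordlist. `g_loggedon` is set in the `RDP_DATA_PDU_LOGON` case and never reset in the hunks shown, so a stale `True` would carry into any later attempt in the same process. `time()` also needs `<time.h>`, and no include change for rdp.c is visible.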