1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
|
description = [[
Determines which Security layer and Encryption level is supported by the
RDP service. It does so by cycling through all existing protocols and ciphers.
When run in debug mode, the script also returns the protocols and ciphers that
fail and any errors that were reported.
The script was inspired by MWR's RDP Cipher Checker
http://labs.mwrinfosecurity.com/tools/2009/01/12/rdp-cipher-checker/
]]
---
-- @usage
-- nmap -p 3389 --script rdp-enum-encryption <ip>
--
-- @output
-- PORT STATE SERVICE
-- 3389/tcp open ms-wbt-server
-- | Security layer
-- | CredSSP (NLA): SUCCESS
-- | CredSSP with Early User Auth: SUCCESS
-- | Native RDP: SUCCESS
-- | RDSTLS: SUCCESS
-- | SSL: SUCCESS
-- | RDP Encryption level: High
-- | 40-bit RC4: SUCCESS
-- | 56-bit RC4: SUCCESS
-- | 128-bit RC4: SUCCESS
-- | FIPS 140-1: SUCCESS
-- |_ RDP Protocol Version: RDP 5.x, 6.x, 7.x, or 8.x server
--
author = "Patrik Karlsson"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
local nmap = require("nmap")
local table = require("table")
local shortport = require("shortport")
local rdp = require("rdp")
local stdnse = require("stdnse")
local string = require "string"
categories = {"safe", "discovery"}
portrule = shortport.port_or_service(3389, "ms-wbt-server")
local function fail (err) return stdnse.format_output(false, err) end
local function enum_protocols(host, port)
local PROTOCOLS = {
["Native RDP"] = 0,
["SSL"] = 1,
["CredSSP (NLA)"] = 3,
["RDSTLS"] = 4,
["CredSSP with Early User Auth"] = 8
}
local ERRORS = {
[1] = "SSL_REQUIRED_BY_SERVER",
[2] = "SSL_NOT_ALLOWED_BY_SERVER",
[3] = "SSL_CERT_NOT_ON_SERVER",
[4] = "INCONSISTENT_FLAGS",
[5] = "HYBRID_REQUIRED_BY_SERVER"
}
local res_proto = { name = "Security layer" }
local proto_version
for k, v in pairs(PROTOCOLS) do
-- Prevent reconnecting too quickly, improves reliability
stdnse.sleep(0.2)
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, fail("Failed to connect to server")
end
local cr = rdp.Request.ConnectionRequest:new(v)
local status, response = comm:exch(cr)
if status then
if response.itut.data ~= "" then
local success = string.unpack("B", response.itut.data)
if ( success == 2 ) then
table.insert(res_proto, ("%s: SUCCESS"):format(k))
elseif ( nmap.debugging() > 0 ) then
local err = string.unpack("B", response.itut.data, 5)
if ( err > 0 ) then
table.insert(res_proto, ("%s: FAILED (%s)"):format(k, ERRORS[err] or "Unknown"))
else
table.insert(res_proto, ("%s: FAILED"):format(k))
end
end
else
-- rdpNegData, which contains the negotiation response or failure,
-- is optional. WinXP SP3 does not return this section which means
-- we can't tell if the protocol is accepted or not.
table.insert(res_proto, ("%s: Unknown"):format(k))
end
else
comm:close()
return false, response
end
-- For servers that require TLS or NLA the only way to get the RDP protocol
-- version to negotiate TLS or NLA. This section does that for TLS. There
-- is no NLA currently.
if status and (v == 1) then
local res, _ = comm.socket:reconnect_ssl()
if res then
local msc = rdp.Request.MCSConnectInitial:new(0, 1)
status, response = comm:exch(msc)
if status then
if response.ccr.proto_version then
proto_version = response.ccr.proto_version
end
end
end
end
comm:close()
end
table.sort(res_proto)
return true, res_proto, proto_version
end
local function enum_ciphers(host, port)
local CIPHERS = {
{ ["40-bit RC4"] = 1 },
{ ["56-bit RC4"] = 8 },
{ ["128-bit RC4"] = 2 },
{ ["FIPS 140-1"] = 16 }
}
local ENC_LEVELS = {
[0] = "None",
[1] = "Low",
[2] = "Client Compatible",
[3] = "High",
[4] = "FIPS Compliant",
}
local res_ciphers = {}
local proto_version
local function get_ordered_ciphers()
local i = 0
return function()
i = i + 1
if ( not(CIPHERS[i]) ) then return end
for k,v in pairs(CIPHERS[i]) do
return k, v
end
end
end
for k, v in get_ordered_ciphers() do
-- Prevent reconnecting too quickly, improves reliability
stdnse.sleep(0.2)
local comm = rdp.Comm:new(host, port)
if ( not(comm:connect()) ) then
return false, fail("Failed to connect to server")
end
local cr = rdp.Request.ConnectionRequest:new()
local status, _ = comm:exch(cr)
if ( not(status) ) then
break
end
local msc = rdp.Request.MCSConnectInitial:new(v)
local status, response = comm:exch(msc)
comm:close()
if ( status ) then
if ( response.ccr and response.ccr.enc_cipher == v ) then
table.insert(res_ciphers, ("%s: SUCCESS"):format(k))
end
res_ciphers.name = ("RDP Encryption level: %s"):format(ENC_LEVELS[response.ccr.enc_level] or "Unknown")
if response.ccr.proto_version then
proto_version = response.ccr.proto_version
end
elseif ( nmap.debugging() > 0 ) then
table.insert(res_ciphers, ("%s: FAILURE"):format(k))
end
end
return true, res_ciphers, proto_version
end
action = function(host, port)
local result = {}
local status, res_proto, proto_ver = enum_protocols(host, port)
if ( not(status) ) then
return res_proto
end
local status, res_ciphers, cipher_ver = enum_ciphers(host, port)
if ( not(status) ) then
return res_ciphers
end
table.insert(result, res_proto)
table.insert(result, res_ciphers)
if proto_ver then
table.insert(result, proto_ver)
elseif cipher_ver then
table.insert(result, cipher_ver)
end
return stdnse.format_output(true, result)
end
|