diff --git a/pyrdp/convert/JSONEventHandler.py b/pyrdp/convert/JSONEventHandler.py index 1968e4d11..dcdc7266d 100644 --- a/pyrdp/convert/JSONEventHandler.py +++ b/pyrdp/convert/JSONEventHandler.py @@ -5,7 +5,9 @@ # from pyrdp.enum import CapabilityType, scancode -from pyrdp.pdu import PlayerPDU, FormatDataResponsePDU, FastPathUnicodeEvent +from pyrdp.pdu import FormatDataResponsePDU, FastPathUnicodeEvent + +from pyrdp.pdu.player import PlayerPDU from pyrdp.player.BaseEventHandler import BaseEventHandler from pyrdp.parser import ClientInfoParser, ClientConnectionParser, ClipboardParser from pyrdp.core import decodeUTF16LE diff --git a/pyrdp/parser/gcc.py b/pyrdp/parser/gcc.py index 3d43b1a2a..3587a1e36 100644 --- a/pyrdp/parser/gcc.py +++ b/pyrdp/parser/gcc.py @@ -126,10 +126,7 @@ def write(self, pdu: GCCPDU) -> bytes: stream = BytesIO() stream.write(per.writeChoice(0)) stream.write(per.writeObjectIdentifier(GCCParser.T124_02_98_OID)) - - # Normally this should be len(pdu.payload) + 14, but Windows seems to always send 0x2a. This value is also - # accepted by Wireshark. - stream.write(per.writeLength(0x2a)) + stream.write(per.writeLength(len(pdu.payload) + 14)) stream.write(per.writeChoice(pdu.header)) self.writers[pdu.header](stream, pdu) diff --git a/pyrdp/parser/rdp/slowpath.py b/pyrdp/parser/rdp/slowpath.py index 6c84a9754..11aea753c 100644 --- a/pyrdp/parser/rdp/slowpath.py +++ b/pyrdp/parser/rdp/slowpath.py @@ -196,6 +196,10 @@ def parseCapabilitySets(self, capabilitySetsRaw, numberCapabilities): lengthCapability = Uint16LE.unpack(stream.read(2)) capabilityData = stream.read(lengthCapability - 4) capability = Capability(capabilitySetType, capabilityData) + if capabilitySetType == 6: + # Workaround for XRDP returning bad capability type + # ref https://github.com/GoSecure/pyrdp/issues/294 + continue capabilitySets[CapabilityType(capabilitySetType)] = capability # Fully parse the General capability set