doc: Updated CHANGELOG.

GoSecure · Mar 16, 2020 · 7523aa4 · 7523aa4
1 parent 471d9f5
commit 7523aa4
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc
@@ -18,7 +18,7 @@ For a detailed view of what has changed, refer to the {uri-repo}/commits/master[
 * Documentation updates and fixes ({uri-issue}165[#165], {uri-issue}166[#166], {uri-issue}172[#172])
 * Added `--disable-active-clipboard` switch to prevent clipboard request injection
 * Added `--no-downgrade` switch to prevent protocol downgrading where possible {uri-issue}189[#189]
-* Added `--gdi` switch to enable drawing orders ({uri-issue}50[#50])
+* Added `--gdi` MITM switch to enable accelerated graphics pipeline (MS-RDPEGDI). ({uri-issue}50[#50])
 
 === Bug fixes
 

diff --git a/README.md b/README.md
@@ -44,6 +44,7 @@ In August 2019, PyRDP was demo'ed at BlackHat Arsenal ([slides](https://docs.goo
       - [Choosing when to resume normal activity](#choosing-when-to-resume-normal-activity)
     + [Other MITM arguments](#other-mitm-arguments)
       - [--no-downgrade](#--no-downgrade)
+      - [`--gdi`: Accelerated Graphics Pipeline](#--gdi-accelerated-graphics-pipeline)
   * [Using the PyRDP Player](#using-the-pyrdp-player)
     + [Playing a replay file](#playing-a-replay-file)
     + [Listening for live connections](#listening-for-live-connections)
@@ -331,6 +332,15 @@ to be established. The following are currently not affected by this switch and w
 RDP traffic using Wireshark and keep the TLS master secrets. Whenever PyRDP adds support for additional extensions, 
 it would then become possible to extract a valid RDP replay file from the raw network capture.
 
+##### `--gdi`: Accelerated Graphics Pipeline
+
+Tells the MITM to allow clients to use [Graphics Device Interface Acceleration][gdi] Extensions to stream
+drawing orders instead of raw bitmaps. The advantage of this mode is a significant reduction in required bandwidth
+for high resolution connections. PyRDP player support has been recently added and it is possible that some issues
+exist. As a result, this is currently an opt-in setting.
+
+[gdi]: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpegdi/745f2eee-d110-464c-8aca-06fc1814f6ad
+
 ### Using the PyRDP Player
 Use `pyrdp-player.py` to run the player.
 

diff --git a/bin/pyrdp-mitm.py b/bin/pyrdp-mitm.py
@@ -50,7 +50,7 @@ def main():
     parser.add_argument("--crawler-ignore-file", help="File to be used by the crawler to chose what folders to avoid when scraping the client shared drives.", default=None)
     parser.add_argument("--no-replay", help="Disable replay recording", action="store_true")
     parser.add_argument("--no-downgrade", help="Disables downgrading of unsupported extensions. This makes PyRDP harder to fingerprint but might impact the player's ability to replay captured traffic.", action="store_true")
-    parser.add_argument("--gdi", help="Enable drawing orders extensions (MS-RDPEGDI) support", action="store_true")
+    parser.add_argument("--gdi", help="Accept accelerated graphics pipeline (MS-RDPEGDI) extension", action="store_true")
 
     args = parser.parse_args()
     outDir = Path(args.output)