From 7523aa42ce0a0e4d375cf8b2a79a2756522ea136 Mon Sep 17 00:00:00 2001 From: Alexandre Beaulieu Date: Mon, 16 Mar 2020 11:36:12 -0400 Subject: [PATCH] doc: Updated CHANGELOG. --- CHANGELOG.adoc | 2 +- README.md | 10 ++++++++++ bin/pyrdp-mitm.py | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc index 8a2866132..f2b86aa4e 100644 --- a/CHANGELOG.adoc +++ b/CHANGELOG.adoc @@ -18,7 +18,7 @@ For a detailed view of what has changed, refer to the {uri-repo}/commits/master[ * Documentation updates and fixes ({uri-issue}165[#165], {uri-issue}166[#166], {uri-issue}172[#172]) * Added `--disable-active-clipboard` switch to prevent clipboard request injection * Added `--no-downgrade` switch to prevent protocol downgrading where possible {uri-issue}189[#189] -* Added `--gdi` switch to enable drawing orders ({uri-issue}50[#50]) +* Added `--gdi` MITM switch to enable accelerated graphics pipeline (MS-RDPEGDI). ({uri-issue}50[#50]) === Bug fixes diff --git a/README.md b/README.md index 2a8e14671..2ec6e4a30 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,7 @@ In August 2019, PyRDP was demo'ed at BlackHat Arsenal ([slides](https://docs.goo - [Choosing when to resume normal activity](#choosing-when-to-resume-normal-activity) + [Other MITM arguments](#other-mitm-arguments) - [--no-downgrade](#--no-downgrade) + - [`--gdi`: Accelerated Graphics Pipeline](#--gdi-accelerated-graphics-pipeline) * [Using the PyRDP Player](#using-the-pyrdp-player) + [Playing a replay file](#playing-a-replay-file) + [Listening for live connections](#listening-for-live-connections) 
@@ -331,6 +332,15 @@ to be established. The following are currently not affected by this switch and w RDP traffic using Wireshark and keep the TLS master secrets. Whenever PyRDP adds support for additional extensions, it would then become possible to extract a valid RDP replay file from the raw network capture. +##### `--gdi`: Accelerated Graphics Pipeline + +Tells the MITM to allow clients to use [Graphics Device Interface Acceleration][gdi] Extensions to stream +drawing orders instead of raw bitmaps. The advantage of this mode is a significant reduction in required bandwidth +for high resolution connections. PyRDP player support has been recently added and it is possible that some issues +exist. As a result, this is currently an opt-in setting. + +[gdi]: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpegdi/745f2eee-d110-464c-8aca-06fc1814f6ad + ### Using the PyRDP Player Use `pyrdp-player.py` to run the player. diff --git a/bin/pyrdp-mitm.py b/bin/pyrdp-mitm.py index c64f2d06c..cc9c56cfb 100755 --- a/bin/pyrdp-mitm.py +++ b/bin/pyrdp-mitm.py @@ -50,7 +50,7 @@ def main(): parser.add_argument("--crawler-ignore-file", help="File to be used by the crawler to chose what folders to avoid when scraping the client shared drives.", default=None) parser.add_argument("--no-replay", help="Disable replay recording", action="store_true") parser.add_argument("--no-downgrade", help="Disables downgrading of unsupported extensions. This makes PyRDP harder to fingerprint but might impact the player's ability to replay captured traffic.", action="store_true") - parser.add_argument("--gdi", help="Enable drawing orders extensions (MS-RDPEGDI) support", action="store_true") + parser.add_argument("--gdi", help="Accept accelerated graphics pipeline (MS-RDPEGDI) extension", action="store_true") args = parser.parse_args() outDir = Path(args.output)
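Review bot: In the CHANGELOG.adoc hunk, the rewritten entry ends with a stray period before the issue reference (`... (MS-RDPEGDI). ({uri-issue}50[#50])`), which no other entry in the visible list does; drop that period so the line reads `* Added `--gdi` MITM switch to enable accelerated graphics pipeline (MS-RDPEGDI) ({uri-issue}50[#50])` and matches its neighbours. Since the commit subject is "doc: Updated CHANGELOG." but the patch also touches README.md and bin/pyrdp-mitm.py, consider widening the subject so the history reflects the three files changed.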
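Review bot: In the README.md table-of-contents hunk (@@ -44), the new entry wraps the flag in backticks (`[`--gdi`: Accelerated Graphics Pipeline]`) while the sibling entry on the line above is written `[--no-downgrade](#--no-downgrade)` without them; pick one style for the two "Other MITM arguments" entries. Please also confirm the generated anchor `#--gdi-accelerated-graphics-pipeline` resolves for the new `##### `--gdi`: Accelerated Graphics Pipeline` heading, since the backticks and colon in the heading text are what the renderer has to strip.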
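Review bot: In the README.md section hunk (@@ -331), the new `--gdi` paragraph says player support is recent and "some issues" may exist, but it does not tell an operator what the practical consequence is: a session captured with `--gdi` enabled is recorded as drawing orders rather than bitmaps, so if the player cannot render a given order the replay of that session may be incomplete, which is the risk an opt-in caveat should spell out. The paragraph sits directly under the `--no-downgrade` text that lists extensions "currently not affected by this switch"; a sentence on how `--gdi` and `--no-downgrade` interact (whether GDI is downgraded by default without `--gdi`, and what happens when both are passed) would save readers guessing. Minor: "high resolution connections" should be hyphenated as "high-resolution connections".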
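Review bot: In the bin/pyrdp-mitm.py hunk, the new help string `"Accept accelerated graphics pipeline (MS-RDPEGDI) extension"` drops the caveat the README gives for the same flag (player support recently added, possible issues, hence opt-in); users reading `--help` at the console will not see the README, so consider carrying that note into the help text, for example `"Accept accelerated graphics pipeline (MS-RDPEGDI) extension (experimental; replays may not render fully in the player)"`. The adjacent `--no-downgrade` help string already follows this pattern by stating its trade-off inline.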