NLA redirection failures on same target IP

[obilodeau]

Was trying to capture an NLA redirection on a super fake environment today using a bunch of VM with NAT and using DNAT to reach them:

$ pyrdp-mitm.py --nla-redirection-host 192.168.2.107 --nla-redirection-port 33389 192.168.2.107:13389

3389 goes to 13389 unless it's NLA then it goes to non-NLA 33389. Mouhahaha 😈

Anyway, it led to:

$ pyrdp-mitm.py --nla-redirection-host 192.168.2.107 --nla-redirection-port 33389 192.168.2.107:13389
[2021-08-11 13:30:56,423] - INFO - GLOBAL - pyrdp.mitm - Target: 192.168.2.107:13389
[2021-08-11 13:30:56,445] - INFO - GLOBAL - pyrdp.mitm - Output directory: /home/olivier/Documents/gosecure/src/pyrdp/pyrdp_output
[2021-08-11 13:30:56,446] - INFO - GLOBAL - pyrdp - MITM Server listening on 0.0.0.0:3389


[2021-08-11 13:31:42,613] - INFO - Todd103786 - pyrdp.mitm.connections.tcp - New client connected from 192.168.2.107:44424
[2021-08-11 13:31:42,614] - INFO - Todd103786 - pyrdp.mitm.connections.x224 - No cookie for this connection
[2021-08-11 13:31:42,616] - INFO - Todd103786 - pyrdp.mitm.connections.tcp - Server connected
[2021-08-11 13:31:42,646] - INFO - Todd103786 - pyrdp.mitm.connections.x224 - The server failed the negotiation. Error: The server requires that the client support Enhanced RDP Security (section 5.4) with CredSSP (section 5.4.5.2).
[2021-08-11 13:31:42,650] - INFO - Todd103786 - pyrdp.mitm.connections.tcp - Server connection closed. Connection to the other side was lost in a non-clean fashion: Connection lost.
Unhandled Error
Traceback (most recent call last):
  File "/usr/lib/python3.9/asyncio/base_events.py", line 596, in run_forever
    self._run_once()
  File "/usr/lib/python3.9/asyncio/base_events.py", line 1890, in _run_once
    handle._run()
  File "/usr/lib/python3.9/asyncio/events.py", line 80, in _run
    self._context.run(self._callback, *self._args)
  File "/home/olivier/Documents/gosecure/src/pyrdp/venv/lib/python3.9/site-packages/twisted/internet/asyncioreactor.py", line 273, in _onTimer
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/home/olivier/Documents/gosecure/src/pyrdp/venv/lib/python3.9/site-packages/twisted/internet/base.py", line 994, in runUntilCurrent
    call.func(*call.args, **call.kw)
  File "/home/olivier/Documents/gosecure/src/pyrdp/pyrdp/mitm/RDPMITM.py", line 221, in doClientTls
    cert = self.server.tcp.transport.getPeerCertificate()
  File "/home/olivier/Documents/gosecure/src/pyrdp/venv/lib/python3.9/site-packages/twisted/protocols/tls.py", line 541, in getPeerCertificate
    return self._tlsConnection.get_peer_certificate()
builtins.AttributeError: 'NoneType' object has no attribute 'get_peer_certificate'

^C[2021-08-11 13:41:43,131] - INFO - GLOBAL - pyrdp - MITM terminated

I have a fix