diff --git a/Changelog.md b/Changelog.md
index 1921598..a163231 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -7,8 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Added
 * Customise the size of captured images with the `--size` option (web & RDP). Does not work on VNC because the server generally specifies the screen size [36](https://github.com/nccgroup/scrying/issues/36)
+* Optionally provide RDP credentials
 ### Changed
+* Disable RDP certificate verification
 ### Deprecated
diff --git a/src/argparse.rs b/src/argparse.rs
index 87cd848..1bbeae0 100644
--- a/src/argparse.rs
+++ b/src/argparse.rs
@@ -27,7 +27,7 @@ lazy_static! {
 static ref SIZE_REGEX: Regex = Regex::new(r"^(\d+)x(\d+)$").unwrap();
 }
-#[derive(Copy, Clone, PartialEq, Debug)]
+#[derive(Copy, Clone, PartialEq, Eq, Debug)]
 pub enum Mode {
 Auto,
 Web,
@@ -150,7 +150,7 @@ pub fn parse() -> Result {
 .help("Force targets to be parsed as `web`, `rdp`, `vnc`")
 .default_value("auto")
 .long("mode")
- .possible_values(&["web", "rdp", "vnc", "auto"])
+ .possible_values(["web", "rdp", "vnc", "auto"])
 .short('m')
 .takes_value(true),
 )
@@ -377,28 +377,18 @@ pub fn parse() -> Result {
 mode: args.value_of_t("MODE").unwrap(),
 rdp_timeout: args.value_of_t("RDP TIMEOUT").unwrap(),
 threads: args.value_of_t("THREADS").unwrap(),
- log_file: args
- .value_of("LOG FILE")
- .map_or_else(|| None, |s| Some(s.to_string())),
+ log_file: args.value_of("LOG FILE").map(String::from),
 nmaps,
 nessus,
 output_dir: args.value_of_t("OUTPUT DIR").unwrap(),
 web_proxy,
 rdp_proxy,
- vnc_auth: args
- .value_of("VNC AUTH")
- .map_or_else(|| None, |s| Some(s.to_string())),
- rdp_domain: args
- .value_of("RDP DOMAIN")
- .map_or_else(|| None, |s| Some(s.to_string())),
- rdp_user: args
- .value_of("RDP USER")
- .map_or_else(|| None, |s| Some(s.to_string())),
- rdp_pass: args
- .value_of("RDP PASS")
- .map_or_else(|| None, |s| Some(s.to_string())),
+ vnc_auth: args.value_of("VNC AUTH").map(String::from),
+ rdp_domain: args.value_of("RDP DOMAIN").map(String::from),
+ rdp_user: args.value_of("RDP USER").map(String::from),
+ rdp_pass: args.value_of("RDP PASS").map(String::from),
 web_path: if let Some(paths) = args.values_of("WEB PATH") {
- paths.map(|p| p.to_string()).collect()
+ paths.map(String::from).collect()
 } else {
 Vec::new()
 },
diff --git a/src/rdp/mod.rs b/src/rdp/mod.rs
index 66c0aca..cb6397f 100644
--- a/src/rdp/mod.rs
+++ b/src/rdp/mod.rs
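Review bot: In the `parse()` hunk of src/argparse.rs, `rdp_pass` and `vnc_auth` are filled directly from the `RDP PASS` and `VNC AUTH` argument values, so these secrets arrive on the command line, where they commonly end up in shell history and are readable from the process list on a shared host. The argument definitions are outside this hunk, so an environment-variable or file-based alternative may already exist; if it does not, it is worth adding next to these options. Either way I would mark the two fields at this point with a comment such as `// secret: supplied via argv; do not log or Debug-print`, so later logging changes do not reintroduce the exposure. `parse()` begins and ends outside this hunk.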
@@ -293,33 +293,30 @@ fn capture_worker(
 debug!(target, "Connecting to Socks proxy");
 SocketType::Socks5(Socks5Stream::connect(proxy, *addr)?)
 } else {
- SocketType::Tcp(TcpStream::connect(&addr)?)
+ SocketType::Tcp(TcpStream::connect(addr)?)
 };
- let rdpdomain = &opts.rdp_domain;
- let s_rdpdomain = rdpdomain.as_deref().unwrap_or("");
- let rdpuser = &opts.rdp_user;
- let s_rdpuser = rdpuser.as_deref().unwrap_or("");
- let rdppass = &opts.rdp_pass;
- let s_rdppass = rdppass.as_deref().unwrap_or("");
-
- debug!(target, "RDP domain: {:?}", s_rdpdomain);
- debug!(target, "RDP username: {:?}", s_rdpuser);
- debug!(target, "RDP password: {:?}", s_rdppass);
+ debug!(target, "RDP domain: {:?}", opts.rdp_domain);
+ debug!(target, "RDP username: {:?}", opts.rdp_user);
+ debug!(target, "RDP password set: {}", opts.rdp_pass.is_some());
 let mut connector = Connector::new()
 .screen(opts.size.0 as u16, opts.size.1 as u16)
 .check_certificate(false);
- if s_rdpuser.len() > 0 && s_rdppass.len() > 0 {
- connector = connector
- .credentials(s_rdpdomain.to_string(), s_rdpuser.to_string(), s_rdppass.to_string());
+ if let (Some(user), Some(pass)) = (&opts.rdp_user, &opts.rdp_pass) {
+ connector = connector.credentials(
+ opts.rdp_domain.as_ref().cloned().unwrap_or_default(),
+ user.to_string(),
+ pass.to_string(),
+ );
 } else {
- warn!(target, "Using blank credentials");
- connector = connector
- .use_nla(false)
- .blank_creds(true)
- .credentials("".to_string(), "".to_string(), "".to_string());
+ warn!(target, "Using blank RDP credentials");
+ connector = connector.use_nla(false).blank_creds(true).credentials(
+ "".to_string(),
+ "".to_string(),
+ "".to_string(),
+ );
 };
 let client = connector.connect(stream).map_err(|e| eyre!("{e:?}"))?;
diff --git a/src/util.rs b/src/util.rs
index 9de8f3e..81c96ab 100644
--- a/src/util.rs
+++ b/src/util.rs
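Review bot: In the `capture_worker` hunk of src/rdp/mod.rs, the `connector.credentials(...)` branch hands the supplied domain, user and password to a connector that is still built with `.check_certificate(false)`, so real credentials are offered to whichever host answers on that address without its identity being verified. I would make that visible where it happens, e.g. `warn!(target, "Sending RDP credentials without certificate verification");` inside the `if let` branch, and consider an option that keeps verification on whenever credentials are configured. Separately, supplying only one of `rdp_user`/`rdp_pass` falls through to the blank-credentials branch (NLA disabled) with only the generic warning; saying that the partial credentials were ignored would avoid a false sense that they were used. `capture_worker` begins and ends outside this hunk.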
@@ -40,11 +40,12 @@ pub fn target_to_filename(target: &Target) -> String {
 // rather than underscores
 let mut converted: String = String::from(u.as_str())
 .replace("://", "_") // Replace the scheme separator with -
- .replace('/', "-") // replace all slashes with /
- .replace(':', "_") // replace colon (probably port, could be uname)
- .replace('[', "") // Remove the square brackets as they are not
- .replace(']', "") // needed for uniqueness
- ;
+ .replace('/', "-") // replace all slashes with -
+ // replace colon (probably port, could be uname)
+ .replace(':', "_")
+ // Remove the square brackets as they are not needed for
+ // uniqueness
+ .replace(['[', ']'], "");
 while converted.ends_with('-') {
 // remove the trailing - if the URL had a trailing /
 converted.pop();
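Review bot: `target_to_filename` still derives the file name by rewriting a fixed list of characters (`://`, `/`, `:`, `[`, `]`), so other characters from the target URL such as `?`, `&`, `%` or `*` pass through into the name unless they are handled later in the function, which continues outside this hunk. Targets are read from external input, so an allowlist is the safer shape: after the existing replacements, map everything that is not ASCII alphanumeric, `.`, `_` or `-` to `_`, e.g. `.replace(|c: char| !(c.is_ascii_alphanumeric() || "._-".contains(c)), "_")`. The comment on the unchanged `.replace("://", "_")` line also says the separator is replaced with `-` while the code uses `_`; `// Replace the scheme separator with _` would match the code.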