STRLCPY/aardwolf

improvements, but vnc keyboard still crap
skelsec committed 3 years ago

8319bc80

1 parent 5949be04

■ ■ ■ ■ ■ ■

aardwolf/commons/queuedata/keyboard.py

1	1		import enum
2	2		from typing import List
3	3		from aardwolf.commons.queuedata import RDPDATATYPE
	4	+	from aardwolf.keyboard import VK_MODIFIERS
4	5
5	6		class RDP_KEYBOARD_SCANCODE:
6	7		def __init__(self):
		skipped 1 lines
8	9		self.keyCode:int = None
9	10		self.is_pressed:bool = True
10	11		self.is_extended:bool = False
11		-	self.modifiers:List[str] = []
	12	+	self.modifiers:VK_MODIFIERS = VK_MODIFIERS(0)
12	13		self.vk_code:str = None
13	14
14	15		class RDP_KEYBOARD_UNICODE:
		skipped 4 lines

■ ■ ■ ■ ■ ■

aardwolf/connection.py

		skipped 9 lines
10	10		from PIL import Image
11	11		from aardwolf import logger
12	12		from aardwolf.commons.queuedata.constants import MOUSEBUTTON, VIDEO_FORMAT
	13	+	from aardwolf.keyboard import VK_MODIFIERS
13	14		from aardwolf.commons.target import RDPTarget
14	15		from aardwolf.network.selector import NetworkSelector
15	16		from aardwolf.commons.credential import RDPCredentialsSecretType
		skipped 1040 lines
1056	1057		finally:
1057	1058		await self.terminate()
1058	1059
1059		-	async def send_key_virtualkey(self, vk, is_pressed, is_extended, scancode_hint = None):
	1060	+	async def send_key_virtualkey(self, vk, is_pressed, is_extended, scancode_hint = None, modifiers = VK_MODIFIERS(0)):
1060	1061		try:
1061	1062		if vk in self.__vk_to_sc:
1062	1063		scancode = self.__vk_to_sc[vk]
		skipped 6 lines
1069	1070		traceback.print_exc()
1070	1071		return None, e
1071	1072
1072		-	async def send_key_scancode(self, scancode, is_pressed, is_extended):
	1073	+	async def send_key_scancode(self, scancode, is_pressed, is_extended, modifiers = VK_MODIFIERS(0)):
1073	1074		try:
1074	1075		data_hdr = TS_SHAREDATAHEADER()
1075	1076		data_hdr.shareID = 0x103EA
		skipped 244 lines

■ ■ ■ ■ ■ ■

aardwolf/examples/aardpclient.py

		skipped 5 lines
6	6		import time
7	7
8	8		from aardwolf import logger
	9	+	from aardwolf.keyboard import VK_MODIFIERS
9	10		from aardwolf.commons.url import RDPConnectionURL
10	11		from aardwolf.commons.iosettings import RDPIOSettings
11	12		from aardwolf.commons.queuedata import RDPDATATYPE
		skipped 220 lines
232	233		Qt.Key_Pause : 'VK_PAUSE',
233	234		Qt.Key_Slash: 'VK_DIVIDE',
234	235		Qt.Key_Period: 'VK_DECIMAL',
	236	+
	237	+	#Qt.Key_Shift: 'VK_LSHIFT',
	238	+	#Qt.Key_Tab: 'VK_TAB',
235	239		#Qt.Key_0 : 'VK_NUMPAD0',
236	240		#Qt.Key_1 : 'VK_NUMPAD1',
237	241		#Qt.Key_2 : 'VK_NUMPAD2',
		skipped 41 lines
279	283		self._label_imageDisplay.setScaledContents(True)
280	284		self._label_imageDisplay.setMinimumSize(1,1)
281	285		self._label_imageDisplay.show()
	286	+
	287	+	#def keyevent_to_string(self, event):
	288	+	# keymap = {}
	289	+	# for key, value in vars(Qt).items():
	290	+	# if isinstance(value, Qt.Key):
	291	+	# keymap[value] = key.partition('_')[2]
	292	+	# modmap = {
	293	+	# Qt.ControlModifier: keymap[Qt.Key_Control],
	294	+	# Qt.AltModifier: keymap[Qt.Key_Alt],
	295	+	# Qt.ShiftModifier: keymap[Qt.Key_Shift],
	296	+	# Qt.MetaModifier: keymap[Qt.Key_Meta],
	297	+	# Qt.GroupSwitchModifier: keymap[Qt.Key_AltGr],
	298	+	# Qt.KeypadModifier: keymap[Qt.Key_NumLock],
	299	+	# }
	300	+	# sequence = []
	301	+	# for modifier, text in modmap.items():
	302	+	# if event.modifiers() & modifier:
	303	+	# sequence.append(text)
	304	+	# key = keymap.get(event.key(), event.text())
	305	+	# if key not in sequence:
	306	+	# sequence.append(key)
	307	+	# return '+'.join(sequence)
282	308
283	309		def send_key(self, e, is_pressed):
284	310		# https://doc.qt.io/qt-5/qt.html#Key-enum
285	311		if self.keyboard is False:
286	312		return
	313	+	#print(self.keyevent_to_string(e))
287	314
288	315		if e.key()==(Qt.Key_Control and Qt.Key_V):
289	316		ki = RDP_CLIPBOARD_DATA_TXT()
		skipped 1 lines
291	318		ki.data = pyperclip.paste()
292	319		self.in_q.put(ki)
293	320
294		-	modifiers = []
	321	+	modifiers = VK_MODIFIERS(0)
295	322		qt_modifiers = QApplication.keyboardModifiers()
296		-	if bool(qt_modifiers & Qt.ShiftModifier):
297		-	modifiers.append('SHIFT')
298		-	if bool(qt_modifiers & Qt.ControlModifier):
299		-	modifiers.append('CONTROL')
300		-	if bool(qt_modifiers & Qt.AltModifier):
301		-	modifiers.append('ALT')
302		-	if bool(qt_modifiers & Qt.KeypadModifier):
303		-	modifiers.append('KEYPAD')
304		-	if bool(qt_modifiers & Qt.MetaModifier):
305		-	modifiers.append('GUI')
	323	+	if bool(qt_modifiers & Qt.ShiftModifier) is True and e.key() != Qt.Key_Shift:
	324	+	modifiers \|= VK_MODIFIERS.VK_SHIFT
	325	+	if bool(qt_modifiers & Qt.ControlModifier) is True and e.key() != Qt.Key_Control:
	326	+	modifiers \|= VK_MODIFIERS.VK_CONTROL
	327	+	if bool(qt_modifiers & Qt.AltModifier) is True and e.key() != Qt.Key_Alt:
	328	+	modifiers \|= VK_MODIFIERS.VK_MENU
	329	+	if bool(qt_modifiers & Qt.KeypadModifier) is True and e.key() != Qt.Key_NumLock:
	330	+	modifiers \|= VK_MODIFIERS.VK_NUMLOCK
	331	+	if bool(qt_modifiers & Qt.MetaModifier) is True and e.key() != Qt.Key_Meta:
	332	+	modifiers \|= VK_MODIFIERS.VK_WIN
306	333
307	334		ki = RDP_KEYBOARD_SCANCODE()
308	335		ki.keyCode = e.nativeScanCode()
		skipped 71 lines
380	407		iosettings.video_height = height
381	408		iosettings.video_bpp_min = 15 #servers dont support 8 any more :/
382	409		iosettings.video_bpp_max = args.bpp
383		-	iosettings.video_out_format = VIDEO_FORMAT.PIL
	410	+	iosettings.video_out_format = VIDEO_FORMAT.QT5
384	411		iosettings.ducky_file = args.ducky
385	412
386	413		settings = RDPClientConsoleSettings(args.url, iosettings)
		skipped 12 lines

■ ■ ■ ■ ■ ■

aardwolf/examples/aardpclient_simple.py

		skipped 122 lines
123	123		iosettings.video_height = height
124	124		iosettings.video_bpp_min = 15 #servers dont support 8 any more :/
125	125		iosettings.video_bpp_max = args.bpp
126		-	iosettings.video_out_format = 'png'
	126	+	iosettings.video_out_format = VIDEO_FORMAT.PNG
127	127
128	128		settings = RDPClientConsoleSettings(args.url, iosettings)
129	129		settings.mhover = args.no_mouse_hover
		skipped 67 lines

■ ■ ■ ■ ■ ■

aardwolf/examples/aardpscreenshot.py

		skipped 8 lines
9	9		from aardwolf.examples.scancommons.targetgens import *
10	10		from aardwolf.examples.scancommons.internal import *
11	11		from aardwolf.examples.scancommons.utils import *
12		-	from aardwolf.commons.queuedata import RDPDATATYPE
13	12		from aardwolf.commons.queuedata.constants import MOUSEBUTTON, VIDEO_FORMAT
14		-	from PIL import Image
15	13		from tqdm import tqdm
16	14
17	15		class EnumResultFinal:
		skipped 275 lines
293	291		iosettings.video_height = height
294	292		iosettings.video_bpp_min = 15 #servers dont support 8 any more :/
295	293		iosettings.video_bpp_max = 32
296		-	iosettings.video_out_format = VIDEO_FORMAT.QT5
	294	+	iosettings.video_out_format = VIDEO_FORMAT.PNG #PIL produces incorrect picture for some reason?! TODO: check bug
297	295		iosettings.clipboard_use_pyperclip = False
298	296
299	297		enumerator = RDPScreenGrabberScanner(
		skipped 33 lines

■ ■ ■ ■ ■ ■

aardwolf/keyboard/__init__.py

		skipped 10 lines
11	11		VK_OEM_8 = 16
12	12		VK_KANA = 32
13	13		VK_NUMLOCK = 64
	14	+	VK_WIN = 128
14	15
15	16		class KeyboardLayout:
16	17		def __init__(self):
		skipped 108 lines

■ ■ ■ ■ ■ ■

aardwolf/vncconnection.py

		skipped 370 lines
371	371		except Exception as e:
372	372		return None, e
373	373
374		-	async def send_key_virtualkey(self, vk:str, is_pressed:bool, is_extended:bool, scancode_hint:int = None):
	374	+	async def send_key_virtualkey(self, vk:str, is_pressed:bool, is_extended:bool, scancode_hint:int = None, modifiers = VK_MODIFIERS(0)):
375	375		try:
376		-	if indata.vk_code is not None:
377		-	vk_code = indata.vk_code
378		-	else:
379		-	vk_code = self.__keyboard_layout.scancode_to_vk(indata.keyCode)
380		-	print('Got VK: %s' % vk_code)
381		-	if vk_code is None:
382		-	print('Could not map SC to VK! SC: %s' % indata.keyCode)
383		-	if vk_code is not None and vk_code in self.__vk_to_vnckey:
384		-	keycode = self.__vk_to_vnckey[vk_code]
	376	+	if vk is None:
	377	+	return await self.send_key_scancode(scancode_hint, is_pressed, is_extended, modifiers=modifiers)
	378	+	print('Got VK: %s' % vk)
	379	+	if vk is None:
	380	+	print('Could not map SC to VK! SC: %s' % scancode_hint)
	381	+	if vk is not None and vk in self.__vk_to_vnckey:
	382	+	keycode = self.__vk_to_vnckey[vk]
385	383		print('AAAAAAAA %s' % hex(keycode))
386		-
387		-
388		-	if vk in self.__vk_to_sc:
389		-	scancode = self.__vk_to_sc[vk]
390		-	is_extended = True
391		-	print('EXT')
	384	+	if keycode is None:
	385	+	return await self.send_key_scancode(scancode_hint, is_pressed, is_extended, modifiers=modifiers)
392	386		else:
393		-	scancode = scancode_hint
394		-	return await self.send_key_char(scancode, is_pressed, is_extended)
	387	+	return await self.send_key_char(keycode, is_pressed)
395	388		except Exception as e:
396	389		traceback.print_exc()
397	390		return None, e
398	391
399		-	async def send_key_scancode(self, scancode, is_pressed, is_extended):
	392	+	async def send_key_scancode(self, scancode, is_pressed, is_extended, modifiers = VK_MODIFIERS(0)):
400	393		try:
401		-	keycode = self.__keyboard_layout.scancode_to_char(indata.keyCode, modifiers)
402		-	print(keycode)
	394	+	keycode = None
	395	+	if modifiers == VK_MODIFIERS(0):
	396	+	vk = self.__keyboard_layout.scancode_to_vk(scancode)
	397	+	if vk is not None and vk in self.__vk_to_vnckey:
	398	+	keycode = self.__vk_to_vnckey[vk]
403	399		if keycode is None:
404		-	print('Failed to resolv key! SC: %s VK: %s' % (indata.keyCode, vk_code))
405		-	#continue
406		-	elif keycode is not None and len(keycode) == 1:
407		-	keycode = ord(keycode)
408		-	print('Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
409		-	elif keycode is not None and len(keycode) > 1:
410		-	print('LARGE! Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
411		-	#continue
412		-	else:
413		-	print('This key is too special! Can\'t resolve it! SC: %s VK: %s' % (indata.keyCode, vk_code))
414		-	#continue
	400	+	keycode = self.__keyboard_layout.scancode_to_char(scancode, modifiers)
	401	+	if keycode is None:
	402	+	raise Exception('Failed to resolv key! SC: %s MOD: %s' % (scancode, modifiers))
415	403
416		-	return True, None
	404	+	elif keycode is not None and len(keycode) == 1:
	405	+	keycode = ord(keycode)
	406	+	elif keycode is not None and len(keycode) > 1:
	407	+	raise Exception('LARGE! Keycode %s resolved to: %s' % (scancode , repr(keycode)))
	408	+	else:
	409	+	raise Exception('This key is too special! Can\'t resolve it! SC: %s' % scancode)
	410	+
	411	+	return await self.send_key_char(keycode, is_pressed)
417	412		except Exception as e:
418	413		traceback.print_exc()
419	414		return None, e
		skipped 12 lines
432	427		if xPos < 0 or yPos < 0:
433	428		return True, None
434	429
435		-	button =0
	430	+	buttoncode = 0
436	431		if button == MOUSEBUTTON.MOUSEBUTTON_LEFT:
437		-	button = 1
	432	+	buttoncode = 1
438	433		elif button == MOUSEBUTTON.MOUSEBUTTON_MIDDLE:
439		-	button = 2
	434	+	buttoncode = 2
440	435		elif button == MOUSEBUTTON.MOUSEBUTTON_RIGHT:
441		-	button = 3
	436	+	buttoncode = 3
442	437
443	438		buttonmask = 0
444	439		if is_pressed is True:
445		-	if button == 1: buttonmask &= ~1
446		-	if button == 2: buttonmask &= ~2
447		-	if button == 3: buttonmask &= ~4
448		-	if button == 4: buttonmask &= ~8
449		-	if button == 5: buttonmask &= ~16
	440	+	if buttoncode == 1: buttonmask &= ~1
	441	+	if buttoncode == 2: buttonmask &= ~2
	442	+	if buttoncode == 3: buttonmask &= ~4
	443	+	if buttoncode == 4: buttonmask &= ~8
	444	+	if buttoncode == 5: buttonmask &= ~16
450	445		else:
451		-	if button == 1: buttonmask \|= 1
452		-	if button == 2: buttonmask \|= 2
453		-	if button == 3: buttonmask \|= 4
454		-	if button == 4: buttonmask \|= 8
455		-	if button == 5: buttonmask \|= 16
	446	+	if buttoncode == 1: buttonmask \|= 1
	447	+	if buttoncode == 2: buttonmask \|= 2
	448	+	if buttoncode == 3: buttonmask \|= 4
	449	+	if buttoncode == 4: buttonmask \|= 8
	450	+	if buttoncode == 5: buttonmask \|= 16
456	451
457	452		msg = pack("!BBHH", 5, buttonmask, xPos, yPos)
458	453		self.__writer.write(msg)
		skipped 34 lines
493	488		return
494	489		if indata.type == RDPDATATYPE.KEYSCAN:
495	490		indata = cast(RDP_KEYBOARD_SCANCODE, indata)
496		-	modifiers = VK_MODIFIERS(0)
497		-	for mod in indata.modifiers:
498		-	if mod == 'KEYPAD':
499		-	modifiers \|= VK_MODIFIERS.VK_NUMLOCK
500		-	elif mod == 'SHIFT':
501		-	modifiers \|= VK_MODIFIERS.VK_SHIFT
502		-	elif mod == 'CONTROL':
503		-	modifiers \|= VK_MODIFIERS.VK_CONTROL
504		-	elif mod == 'ALT':
505		-	modifiers \|= VK_MODIFIERS.VK_MENU
	491	+	if indata.vk_code is not None:
	492	+	await self.send_key_virtualkey(indata.vk_code, indata.is_pressed, indata.is_extended, scancode_hint=indata.keyCode, modifiers=indata.modifiers)
	493	+	else:
	494	+	await self.send_key_scancode(indata.keyCode, indata.is_pressed, indata.is_extended, modifiers=indata.modifiers)
506	495
507		-	## emulating keys...
508		-	keycode = None
509		-	try:
510		-	if indata.keyCode is None and indata.vk_code is None:
511		-	print('No keycode found! ')
512		-	continue
513	496
514		-	if indata.vk_code is not None:
515		-	vk_code = indata.vk_code
516		-	else:
517		-	vk_code = self.__keyboard_layout.scancode_to_vk(indata.keyCode)
518		-	print('Got VK: %s' % vk_code)
519		-	if vk_code is None:
520		-	print('Could not map SC to VK! SC: %s' % indata.keyCode)
521		-	if vk_code is not None and vk_code in self.__vk_to_vnckey:
522		-	keycode = self.__vk_to_vnckey[vk_code]
523		-	print('AAAAAAAA %s' % hex(keycode))
524	497
525		-	if keycode is None:
526		-	keycode = self.__keyboard_layout.scancode_to_char(indata.keyCode, modifiers)
527		-	print(keycode)
528		-	if keycode is None:
529		-	print('Failed to resolv key! SC: %s VK: %s' % (indata.keyCode, vk_code))
530		-	continue
531		-	elif keycode is not None and len(keycode) == 1:
532		-	keycode = ord(keycode)
533		-	print('Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
534		-	elif keycode is not None and len(keycode) > 1:
535		-	print('LARGE! Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
536		-	continue
537		-	else:
538		-	print('This key is too special! Can\'t resolve it! SC: %s VK: %s' % (indata.keyCode, vk_code))
539		-	continue
540	498
541		-	except Exception as e:
542		-	traceback.print_exc()
543		-	continue
544		-
545		-	if indata.keyCode is not None:
546		-	print('Original kk : %s [%s]' % (indata.keyCode, hex(indata.keyCode)))
547		-	print('Final keycode: %s' % hex(keycode))
548		-	print('Is pressed : %s' % indata.is_pressed)
549		-	if keycode is not None:
550		-	msg = pack("!BBxxI", 4, int(indata.is_pressed), keycode)
551		-	self.__writer.write(msg)
	499	+	#modifiers = indata.modifiers
	500	+	#
	501	+	### emulating keys...
	502	+	#keycode = None
	503	+	#try:
	504	+	# if indata.keyCode is None and indata.vk_code is None:
	505	+	# print('No keycode found! ')
	506	+	# continue
	507	+	#
	508	+	# if indata.vk_code is not None:
	509	+	# vk_code = indata.vk_code
	510	+	# else:
	511	+	# vk_code = self.__keyboard_layout.scancode_to_vk(indata.keyCode)
	512	+	# print('Got VK: %s' % vk_code)
	513	+	# if vk_code is None:
	514	+	# print('Could not map SC to VK! SC: %s' % indata.keyCode)
	515	+	# if vk_code is not None and vk_code in self.__vk_to_vnckey:
	516	+	# keycode = self.__vk_to_vnckey[vk_code]
	517	+	# print('AAAAAAAA %s' % hex(keycode))
	518	+	#
	519	+	# if keycode is None:
	520	+	# keycode = self.__keyboard_layout.scancode_to_char(indata.keyCode, modifiers)
	521	+	# print(keycode)
	522	+	# if keycode is None:
	523	+	# print('Failed to resolv key! SC: %s VK: %s' % (indata.keyCode, vk_code))
	524	+	# continue
	525	+	# elif keycode is not None and len(keycode) == 1:
	526	+	# keycode = ord(keycode)
	527	+	# print('Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
	528	+	# elif keycode is not None and len(keycode) > 1:
	529	+	# print('LARGE! Keycode %s resolved to: %s' % (indata.keyCode , repr(keycode)))
	530	+	# continue
	531	+	# else:
	532	+	# print('This key is too special! Can\'t resolve it! SC: %s VK: %s' % (indata.keyCode, vk_code))
	533	+	# continue
	534	+	#
	535	+	#except Exception as e:
	536	+	# traceback.print_exc()
	537	+	# continue
	538	+	#
	539	+	#if indata.keyCode is not None:
	540	+	# print('Original kk : %s [%s]' % (indata.keyCode, hex(indata.keyCode)))
	541	+	#print('Final keycode: %s' % hex(keycode))
	542	+	#print('Is pressed : %s' % indata.is_pressed)
	543	+	#if keycode is not None:
	544	+	# msg = pack("!BBxxI", 4, int(indata.is_pressed), keycode)
	545	+	# self.__writer.write(msg)
552	546
553	547		elif indata.type == RDPDATATYPE.KEYUNICODE:
554	548		indata = cast(RDP_KEYBOARD_UNICODE, indata)
		skipped 280 lines

■ ■ ■ ■ ■ ■

dtest3.txt

1 + STRING 1234567890
1 2 STRING ',./;'\[]=-`<<>?:"|{}+_)(*&^%$#@!~>
2 3

All occurrences

	1	+	STRING 1234567890
1	2		STRING ',./;'\[]=-`<<>?:"\|{}+_)(*&^%$#@!~>
2	3

improvements, but vnc keyboard still crap