rdp

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 9, 2026 License: BSD-3-Clause, GPL-3.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

// Constants used while parsing the start of an RDP connection. Names and
// values follow the negotiation structures and MCS BER tags of MS-RDPBCGR.
const (
	// Type field of the RDP negotiation structure that rides in the X.224
	// connection request / connection confirm.
	RDPNegReq     = 0x01 // negotiation request
	RDPNegRsp     = 0x02 // negotiation response
	RDPNegFailure = 0x03 // negotiation failure

	// Security protocol flags (bitmask) carried in the negotiation
	// structures.
	//
	// ProtocolRDP is the all-zero value, so it can never be detected with a
	// bitwise AND; compare the whole field against it instead.
	//
	// NOTE(review): a session that settles on ProtocolRDP uses legacy
	// Standard RDP Security, i.e. neither TLS nor NLA. Consumers of the audit
	// records may want to flag that; confirm how the decoder reports the
	// selected protocol.
	ProtocolRDP      = 0      // Standard RDP Security (no flag set)
	ProtocolSSL      = 1 << 0 // TLS
	ProtocolHybrid   = 1 << 1 // CredSSP with NLA
	ProtocolRDSTLS   = 1 << 2 // RDSTLS
	ProtocolHybridEx = 1 << 3 // CredSSP with Early User Auth

	// BER application tags that open the MCS Connect Initial and
	// Connect Response PDUs.
	BER_TAG_MCS_CONNECT_INITIAL  = 0x7F65
	BER_TAG_MCS_CONNECT_RESPONSE = 0x7F66
)

RDP Protocol constants

Variables

// Decoder is the stream decoder for RDP; it performs protocol analysis and
// writes audit records to disk.
//
// Identification (CanDecode) looks only at the client's first bytes, not at
// the port, and never consults the server side of the stream.
var Decoder = &decoder.StreamDecoder{
	Type:        types.Type_NC_RDP,
	Name:        serviceRDP,
	Description: "Remote Desktop Protocol (RDP) is Microsoft's remote access protocol",
	Typ:         core.TCP,
	Factory:     &rdpReader{},

	// PostInit sets up the decoder's logger from the global decoder config.
	PostInit: func(d *decoder.StreamDecoder) error {
		// rdpLog is declared outside this literal, so it is assigned with
		// "=" rather than ":=" to avoid shadowing it.
		//
		// NOTE(review): the second result of InitZapLogger is discarded; if
		// it is a resource handle, nothing here closes it. Confirm.
		var initErr error
		rdpLog, _, initErr = logging.InitZapLogger(
			decoderconfig.Instance.Out,
			"rdp",
			decoderconfig.Instance.Debug,
		)
		return initErr
	},

	// CanDecode reports whether the client data looks like the start of an
	// RDP connection. It requires at least 11 bytes beginning with the TPKT
	// version byte, and then either the X.224 connection request code at
	// offset 5 (after the 4-byte TPKT header and the X.224 length byte) or
	// the routing-cookie markers "Cookie:" and "mstshash=" anywhere in the
	// buffer.
	//
	// NOTE(review): this is a heuristic on client-controlled bytes. A match
	// does not prove a well-formed RDP session, and whatever follows
	// "mstshash=" is chosen by the client, so downstream parsing and audit
	// records should treat it as untrusted input.
	CanDecode: func(client, server []byte) bool {
		if len(client) < 11 || client[0] != tpktVersion {
			return false
		}
		if client[5] == x224ConnectionRequest {
			return true
		}
		hasCookie := bytes.Contains(client, []byte("Cookie:"))
		return hasCookie && bytes.Contains(client, []byte("mstshash="))
	},

	// DeInit flushes any buffered log entries.
	//
	// NOTE(review): rdpLog is only assigned in PostInit; if DeInit can run
	// without a successful PostInit, rdpLog may be unset here. Confirm the
	// lifecycle.
	DeInit: func(sd *decoder.StreamDecoder) error {
		return rdpLog.Sync()
	},
}

Decoder for protocol analysis and writing audit records to disk.

Functions

This section is empty.

Types

This section is empty.
