Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Current implementation of DeviceRedirectionMITM can lead to request collision, leading to unpredictable behavior #222

Closed
Res260 opened this issue Apr 22, 2020 · 0 comments · Fixed by #244
Closed

Current implementation of DeviceRedirectionMITM can lead to request collision, leading to unpredictable behavior #222

Res260 opened this issue Apr 22, 2020 · 0 comments · Fixed by #244
Labels
bug Something isn't working

Comments

@Res260
Copy link
Collaborator

Res260 commented Apr 22, 2020

The current implementation of the DeviceRedirectionMITM only stores the requestID when a packet is received. This requestID is stored by PyRDP to look for specific types of anwsers.

However, the requestID is not unique and can be used by other devices, which PyRDP doesnt take into account. PyRDP should store a pair of deviceID, requestID instead of simply requestID.

I am unsure of the current impact of this. It probably can raise KeyErrors leading to the packet not being forwarded.
@Res260 Res260 added the bug Something isn't working label Apr 22, 2020
@alxbl alxbl mentioned this issue Aug 18, 2020
Closed
alxbl added a commit that referenced this issue Aug 21, 2020
@alxbl
fix(#222): Added device ID to I/O Requests.
38b2e64
@alxbl alxbl mentioned this issue Aug 21, 2020
Merged
alxbl added a commit that referenced this issue Sep 14, 2020
@alxbl
Merge pull request #244 from GoSecure/fix-222
ba41c66 
fix(#222): Added device ID to I/O Requests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(#222): Added device ID to I/O Requests. GoSecure/pyrdp
1 participant
@Res260