moving all crypto to unicrypto, detaching GUI func

README.md

@@ -3,7 +3,7 @@
 :triangular_flag_on_post: This is the public repository of aardwolf, for latest version and updates please consider supporting us through https://porchetta.industries/
 
 # AARDWOLF - Asynchronous RDP client in Python
-This project is aimed to play around the RDP protocol.
+This project is aimed to play around the RDP and VNC protocols.
 
 ## :triangular_flag_on_post: Sponsors
 
@@ -15,6 +15,9 @@ Come hang out on Discord!
 
 [![Porchetta Industries](https://discordapp.com/api/guilds/736724457258745996/widget.png?style=banner3)](https://discord.gg/ycGXUxy)
 
+# Important
+This is a headless client, for GUI functionality use the `aardwolfgui` package.
+
 # Features
  - Supports credssp auth via NTLM/Kerberos.
  - Built-in proxy client allows SOCKS/HTTP proxy tunneling without 3rd part software  
@@ -24,9 +27,9 @@ Come hang out on Discord!
  - Support for Duckyscript files to emulate keystrokes 
 
 # Example scripts
- - `aardpclient` Basic RDP client running on top of Qt5. Can copy-paste text, handles keyboard and mouse.  
  - `aardpscreenshot` RDP ?screenshotter? scans the given target/s or network ranges for open RDP clients, tries to log in either with or without credentials and takes a screemshot  
  - `aardpcapscan` RDP login capability scanner identifies the supported login protocols on a target or network ranges.  
+  - `aardploginscan` RDP login scanner.  
 
 # URL format
 As usual the scripts take the target/scredentials in URL format. Below some examples
@@ -50,7 +53,4 @@ As usual the scripts take the target/scredentials in URL format. Below some exam
  - Marc-André Moreau (@awakecoding) for providing suggestions on fixes
 
 
-# Additional info for Qt install.
- - installing in venv will require installing Qt5 outside of venv, then installing 'wheel' and 'vext.pyqt5' in the venv via pip first. then install pyqt5 in the venv
- - installing Qt5 can be a nightmare
- - generally on ubuntu you can use `apt install python3-pyqt5` before installing `aardwolf` and it will (should) work
+

aardwolf/_version.py

@@ -1,5 +1,5 @@
 
-__version__ = "0.0.7"
+__version__ = "0.0.8"
 __banner__ = \
 """
 # aardwolf %s 

aardwolf/authentication/ntlm/creds_calc.py

@@ -1,12 +1,11 @@
-import io
-import os
-import hmac
 import datetime
 
-from aardwolf.crypto.symmetric import DES
-from aardwolf.crypto.hashing import *
-from aardwolf.authentication.ntlm.structures.challenge_response import *
+from unicrypto.symmetric import DES
+from unicrypto import hashlib
+from unicrypto import hmac
 
+from aardwolf.authentication.ntlm.structures.challenge_response import *
+from aardwolf.authentication.ntlm.structures.negotiate_flags import NegotiateFlags
 
 class NTLMCredentials:
 	@staticmethod
@@ -159,7 +158,7 @@ def verify(self, creds, credtype='plain'):
 		else:
 			raise Exception('Unknown cred type!')
 
-		hm = hmac_md5(lm_hash)
+		hm = hmac.new(lm_hash, digestmod = 'md5')
 		hm.update(bytes.fromhex(self.ServerChallenge))
 		hm.update(bytes.fromhex(self.ChallengeFromClinet))
 
@@ -186,7 +185,7 @@ def calc_key_exchange_key(self):
 		else:
 			nt_hash = bytes.fromhex(self.credentials.nt_hash)
 
-		hm = hmac_md5(self.SessionBaseKey)
+		hm = hmac.new(self.SessionBaseKey, digestmod = 'md5')
 		hm.update(self.ServerChallenge)
 		hm.update(self.LMResponse.to_bytes()[:8])
 
@@ -209,13 +208,13 @@ def construct(server_challenge, client_challenge, credentials):
 		ntlm_creds.LMResponse = LMResponse()
 		ntlm_creds.LMResponse.Response = client_challenge + b'\x00' * 16
 
-		temp_1 = md5(server_challenge + client_challenge[:8]).digest()
+		temp_1 = hashlib.md5(server_challenge + client_challenge[:8]).digest()
 		data = DESL(nt_hash, temp_1[:8])
 
 		ntlm_creds.NTResponse = NTLMv1Response()
 		ntlm_creds.NTResponse.Response = data
 
-		ntlm_creds.SessionBaseKey = md4(nt_hash).digest()
+		ntlm_creds.SessionBaseKey = hashlib.md4(nt_hash).digest()
 
 		return ntlm_creds
 
@@ -236,7 +235,7 @@ def calc_session_base_key(self, creds, credtype = 'plain'):
 		else:
 			raise Exception('Unknown cred type!')
 
-		session_base_key = md4(nt_hash).digest()
+		session_base_key = hashlib.md4(nt_hash).digest()
 		return session_base_key
 
 	def verify(self, creds, credtype='plain'):
@@ -263,7 +262,7 @@ def verify(self, creds, credtype='plain'):
 		# print('Server chall: %s' % self.ServerChallenge)
 		# print('Client chall: %s' % self.ChallengeFromClinet)
 
-		temp_1 = md5(bytes.fromhex(self.ServerChallenge) + bytes.fromhex(self.ChallengeFromClinet)[:8]).digest()
+		temp_1 = hashlib.md5(bytes.fromhex(self.ServerChallenge) + bytes.fromhex(self.ChallengeFromClinet)[:8]).digest()
 		calc_response = DESL(nt_hash, temp_1[:8])
 		# print('calc_response: %s' % calc_response.hex())
 		# print('ClientResponse: %s' %  self.ClientResponse)
@@ -327,7 +326,7 @@ def construct(server_challenge, credentials):
 		else:
 			ntlm_creds.LMResponse = ntresponse
 
-		ntlm_creds.SessionBaseKey = md4(nt_hash).digest()
+		ntlm_creds.SessionBaseKey = hashlib.md4(nt_hash).digest()
 
 		return ntlm_creds
 
@@ -347,7 +346,7 @@ def calc_session_base_key(self, creds, credtype = 'plain'):
 		else:
 			raise Exception('Unknown cred type!')
 
-		session_base_key = md4(nt_hash).digest()
+		session_base_key = hashlib.md4(nt_hash).digest()
 		return session_base_key
 
 	def verify(self, creds, credtype='plain'):
@@ -408,7 +407,7 @@ def calc_key_exhange_key_server(self, credentials):
 		if isinstance(self.NTResponse.Response, str):
 			response = bytes.fromhex(self.NTResponse.Response)
 
-		hm = hmac_md5(nt_hash_v2)
+		hm = hmac.new(nt_hash_v2, digestmod = 'md5')
 		hm.update(response)
 		return hm.digest()
 
@@ -432,7 +431,7 @@ def construct(server_challenge, client_challenge, server_details, credentials, t
 		cc = NTLMv2ClientChallenge.construct(timestamp, client_challenge, server_details)
 		temp = cc.to_bytes()
 
-		hm = hmac_md5(nt_hash_v2)
+		hm = hmac.new(nt_hash_v2, digestmod = 'md5')
 		hm.update(server_challenge)
 		hm.update(temp)
 
@@ -443,7 +442,7 @@ def construct(server_challenge, client_challenge, server_details, credentials, t
 		ntlm_creds.NTResponse.ChallengeFromClinet = cc
 
 
-		hm = hmac_md5(nt_hash_v2)
+		hm = hmac.new(nt_hash_v2, digestmod = 'md5')
 		hm.update(server_challenge)
 		hm.update(client_challenge)
 
@@ -452,7 +451,7 @@ def construct(server_challenge, client_challenge, server_details, credentials, t
 		ntlm_creds.LMResponse.ChallengeFromClinet = client_challenge
 
 
-		hm = hmac_md5(nt_hash_v2)
+		hm = hmac.new(nt_hash_v2, digestmod = 'md5')
 		hm.update(NTProofStr)
 		ntlm_creds.SessionBaseKey = hm.digest()
 
@@ -494,7 +493,7 @@ def verify(self, creds, credtype = 'plain'):
 		# print(self.ServerChallenge)
 		# print(self.ChallengeFromClinet)
 
-		hm = hmac_md5(nt_hash)
+		hm = hmac.new(nt_hash, digestmod = 'md5')
 		hm.update(bytes.fromhex(self.ServerChallenge))
 		hm.update(bytes.fromhex(self.ChallengeFromClinet))
 
@@ -520,7 +519,7 @@ def LMOWFv1(password):
 
 
 def NTOWFv1(password):
-	return md4(password.encode('utf-16le')).digest()
+	return hashlib.md4(password.encode('utf-16le')).digest()
 
 
 def LMOWFv2(Passwd, User, UserDom, PasswdHash = None):
@@ -529,9 +528,9 @@ def LMOWFv2(Passwd, User, UserDom, PasswdHash = None):
 
 def NTOWFv2(Passwd, User, UserDom, PasswdHash = None):
 	if PasswdHash is not None:
-		fp = hmac_md5(PasswdHash)
+		fp = hmac.new(PasswdHash, digestmod = 'md5')
 	else:
-		fp = hmac_md5(NTOWFv1(Passwd))
+		fp = hmac.new(NTOWFv1(Passwd), digestmod = 'md5')
 	fp.update((User.upper() + UserDom).encode('utf-16le'))
 	return fp.digest()
 

aardwolf/authentication/ntlm/native.py

@@ -15,7 +15,9 @@
 from aardwolf.authentication.ntlm.messages.challenge import NTLMChallenge
 from aardwolf.authentication.ntlm.messages.authenticate import NTLMAuthenticate
 from aardwolf.authentication.ntlm.creds_calc import *
-from aardwolf.crypto.symmetric import RC4
+from unicrypto.symmetric import RC4
+from unicrypto import hashlib
+from unicrypto import hmac
 
 
 class NTLMHandlerSettings:
@@ -163,14 +165,14 @@ def MAC(self, handle, signingKey, seqNum, message):
 			msg = NTLMSSP_MESSAGE_SIGNATURE()
 			if NegotiateFlags.NEGOTIATE_KEY_EXCH in self.ntlmChallenge.NegotiateFlags:
 				tt = struct.pack('<i', seqNum) + message
-				t = hmac_md5(signingKey)
+				t = hmac.new(signingKey, digestmod='md5')
 				t.update(tt)
 
 				msg.Checksum = handle(t.digest()[:8])
 				msg.SeqNum = seqNum
 				seqNum += 1
 			else:
-				t = hmac_md5(signingKey)
+				t = hmac.new(signingKey, digestmod='md5')
 				t.update(struct.pack('<i',seqNum)+message)
 				msg.Checksum = t.digest()[:8]
 				msg.SeqNum = seqNum

aardwolf/commons/queuedata/video.py

@@ -2,13 +2,14 @@
 import io
 from aardwolf.protocol.fastpath.bitmap import TS_BITMAP_FLAG, TS_BITMAP_DATA
 
+from aardwolf import logger
 from aardwolf.commons.queuedata import RDPDATATYPE
 from aardwolf.commons.queuedata.constants import VIDEO_FORMAT
 from aardwolf.utils.rectconvert import rectconvert
 try:
 	from PIL.ImageQt import ImageQt
 except ImportError:
-	print('No Qt installed! Converting to qt will not work')
+	logger.debug('No Qt installed! Converting to qt will not work')
 
 class RDP_VIDEO:
 	def __init__(self):

aardwolf/connection.py

@@ -3,6 +3,7 @@
 import asyncio
 import typing
 import copy
+import platform
 from typing import cast
 from collections import OrderedDict
 
@@ -15,7 +16,6 @@
 from aardwolf.network.selector import NetworkSelector
 from aardwolf.commons.credential import RDPCredentialsSecretType
 from aardwolf.commons.cryptolayer import RDPCryptoLayer
-from aardwolf.transport.ssl import SSLClientTunnel
 from aardwolf.network.tpkt import TPKTNetwork
 from aardwolf.network.x224 import X224Network
 
@@ -252,7 +252,12 @@ async def connect(self):
 				logger.debug('Server selected protocol: %s' % self.x224_protocol)
 				#print(self.x224_flag)
 				if SUPP_PROTOCOLS.SSL in self.x224_protocol or SUPP_PROTOCOLS.HYBRID in self.x224_protocol or SUPP_PROTOCOLS.HYBRID_EX in self.x224_protocol:
-					_, err = await self.__tpkgnet.switch_transport(SSLClientTunnel)
+					if platform.system() != 'Emscripten':
+						from aardwolf.transport.ssl import SSLClientTunnel
+						_, err = await self.__tpkgnet.switch_transport(SSLClientTunnel)
+					else:
+						from aardwolf.transport.mbedtlsssl import MBEDTLSClientTunnel
+						_, err = await self.__tpkgnet.switch_transport(MBEDTLSClientTunnel)
 					if err is not None:
 						raise err