problem with connecting through web browser

[hellrai5er]

Hello! I'm trying to create rdp connection from browser.

I turned on flags in ini file, but nothing happened:

[websocket]
enable_websocket = 1
use_tls = 1

in browser i print :3389
server reports something like this:
rdpproxy: ERR (39400/39400) -- ◢ In src/transport/socket_transport.cpp:222
rdpproxy: ERR (39400/39400) -- SocketTransport::do_partial_read: Failed to read from socket RDP Client!
rdpproxy: DEBUG (39400/39400) -- Create Error: Exception ERR_TRANSPORT_NO_MORE_DATA no: 1501
rdpproxy: INFO (39400/39400) -- Socket RDP Client (7) : closing connection
or
Front::incoming: RDP handshake timeout reached!
rdpproxy: DEBUG (39942/39942) -- Create Error: Exception ERR_RDP_HANDSHAKE_TIMEOUT no: 8030

[jonathanpoelen]

The websocket port is 3390, but you need the RDP client in project/jsclient (it may work with others clients, but no test was done)

[hellrai5er]

I can not start js client following insrtructions. connection refused

UPD: client is up but cannot connect to rdpproxy (enable or disable tls in config not help)
i see this error in RDPProxy anyway:

SSL_REQUIRED_BY_SERVER
rdpproxy: INFO (14679/14679) -- SocketTransport::enable_server_tls() start (RDP Ws Client)
rdpproxy: INFO (14679/14679) -- Enable server TLS
rdpproxy: INFO (14679/14679) -- TLSContext::enable_server_tls() set SSL options
rdpproxy: INFO (14679/14679) -- TLSContext::enable_server_tls() set SSL cipher list
rdpproxy: INFO (14679/14679) -- TLSContext::X509_get_pubkey()
rdpproxy: INFO (14679/14679) -- TLSContext::i2d_PublicKey()
rdpproxy: INFO (14679/14679) -- TLSContext::i2d_PublicKey()
rdpproxy: ERR (14679/14679) -- ◢ In src/system/linux/system/tls_context.hpp:54
rdpproxy: ERR (14679/14679) -- TLSContext::enable_server_tls: SSL accept error
rdpproxy: ERR (14679/14679) -- ◢ In src/system/linux/system/tls_context.hpp:59
rdpproxy: ERR (14679/14679) -- print_error error:1408F10B:SSL routines:ssl3_get_record:wrong version number
rdpproxy: DEBUG (14679/14679) -- Create Error: Exception ERR_TRANSPORT_TLS_SERVER no: 1605
rdpproxy: ERR (14679/14679) -- ◢ In src/core/session.cpp:1565
rdpproxy: ERR (14679/14679) -- Proxy data processing raised error 1605 : Exception ERR_TRANSPORT_TLS_SERVER

[hellrai5er]

or
error:1408F09C:SSL routines:ssl3_get_record:http request
as I understand, this is http server-side problem.
Howto make it work?

[hellrai5er]

Now i wrote "tls_min_level =0" in [client] section and trying to connect through wss, but server reports a new error "partial http header".
in ws connection i have "handshake timeout"
Help me please!

[hellrai5er]

Now i have connection from JSclient with this config:

[websocket]
enable_websocket = 1
use_tls = 0

[client]
tls_fallback_legacy = 1
tls_support = 0

but rdp session still not working yet.

[jonathanpoelen]

There seems to be a issue with glyphs. Is it the same with another rdp client? Try adding [client] transform_glyph_to_bitmap=0 in the config or disabled the order in the rdp client interface.

Normally, with [websocket] use_tls=1, the values for tls_fallback_legacy and tls_support are automatically adjusted. This is not the case with use_tls=0, but it is a bad idea to use it outside a local network.

The "partial http header" error occurs when the proxy does not receive or cannot read all http headers at once. It also occurs when it receives more than the headers. While this scenario is possible, it never occurred in our tests and the code was kept simple.

This can be checked by adding [debug] sck_front=2 to the config, which will have the effect of dumping what is passing through the socket. The proxy expects to read a packet that ends in \r\n\r\n and contains Sec-WebSocket-Key: ....., but not as the first value. There is a lot of assumption, but the javascript client is not used outside of a few tests episodically.

I don't think this fix takes much effort, but I just remembered another annoying problem I had a long time ago: accessing targets causes allocation problems in the js client (it's wasm) and the connection ends up breaking. I don't think anyone looked.

[hellrai5er]

There seems to be a issue with glyphs. Is it the same with another rdp client? Try adding [client] transform_glyph_to_bitmap=0 in the config or disabled the order in the rdp client interface.

I tried this, session started, but stiss is black empty screen (i've made autologon to the target machine in python script abd have no logon window).

Normally, with [websocket] use_tls=1, the values for tls_fallback_legacy and tls_support are automatically adjusted. This is not the case with use_tls=0, but it is a bad idea to use it outside a local network.

In this case I have this log and nothing happens:

dpproxy: INFO (31068/31068) -- -----------------> Front::incoming: TLS Support Enabled nla=false
rdpproxy: INFO (31068/31068) -- SSL_REQUIRED_BY_SERVER
rdpproxy: INFO (31068/31068) -- SocketTransport::enable_server_tls() start (RDP Ws Client)
rdpproxy: INFO (31068/31068) -- Enable server TLS
rdpproxy: INFO (31068/31068) -- TLSContext::enable_server_tls() set SSL options
rdpproxy: INFO (31068/31068) -- TLSContext::enable_server_tls() set SSL cipher list
rdpproxy: INFO (31068/31068) -- TLSContext::X509_get_pubkey()
rdpproxy: INFO (31068/31068) -- TLSContext::i2d_PublicKey()
rdpproxy: INFO (31068/31068) -- TLSContext::i2d_PublicKey()

[hellrai5er]

on a WS dump I see about 4 sent and received packets about 300+ bytes long