VirtualBox

Ticket #11745 (closed defect: fixed)

Opened 2 years ago

Last modified 22 months ago

VRDP (RDP) server not enforcing specified encryption => Fixed in SVN

Reported by: rshaw Owned by:
Priority: blocker Component: RDP
Version: VirtualBox 4.2.12 Keywords: RDP encryption VRDP server
Cc: Guest type: all
Host type: Linux

Description

I filed this as a blocker as this is a major security vulnerability.

Following the directions described here, I have generated certificates using openssl and have instructed VirtualBox to use those certificates for a specified VM.

openssl req -new -x509 -days 365 -extensions v3_ca \
  -keyout ca_key_private.pem -out ca_cert.pem
openssl genrsa -out server_key_private.pem
openssl req -new -key server_key_private.pem -out server_req.pem
openssl x509 -req -days 365 -in server_req.pem \
  -CA ca_cert.pem -CAkey ca_key_private.pem -set_serial 01 -out server_cert.pem
vboxmanage modifyvm "TestVM" --vrdeproperty "Security/Method=TLS"
vboxmanage modifyvm "TestVM" \
  --vrdeproperty "Security/CACertificate=/home/ryan/rdp/ca_cert.pem"
vboxmanage modifyvm "TestVM" \
  --vrdeproperty "Security/ServerCertificate=/home/ryan/rdp/server_cert.pem"
vboxmanage modifyvm "TestVM" \
  --vrdeproperty "Security/ServerPrivateKey=/home/ryan/rdp/server_key_private.pem"

vboxmanage showvminfo confirms these settings are set

vboxmanage showvminfo "TestVM"
...
VRDE property: TCP/Ports  = "5000-5049"
VRDE property: TCP/Address = <not set>
VRDE property: VideoChannel/Enabled = <not set>
VRDE property: VideoChannel/Quality = <not set>
VRDE property: VideoChannel/DownscaleProtection = <not set>
VRDE property: Client/DisableDisplay = <not set>
VRDE property: Client/DisableInput = <not set>
VRDE property: Client/DisableAudio = <not set>
VRDE property: Client/DisableUSB = <not set>
VRDE property: Client/DisableClipboard = <not set>
VRDE property: Client/DisableUpstreamAudio = <not set>
VRDE property: Client/DisableRDPDR = <not set>
VRDE property: H3DRedirect/Enabled = <not set>
VRDE property: Security/Method = "TLS"
VRDE property: Security/ServerCertificate = "/home/ryan/rdp/server_cert.pem"
VRDE property: Security/ServerPrivateKey = "/home/ryan/rdp/server_key_private.pem"
VRDE property: Security/CACertificate = "/home/ryan/rdp/ca_cert.pem"
VRDE property: Audio/RateCorrectionMode = <not set>
...

Start the VM, and try to connect to the RDP session with rdesktop-vrdp

rdesktop-vrdp localhost:5000

No prompts are received about trusting any certificates - the session simply connects.

Confirming this:

vboxmanage showvminfo "TestVM" --details
...
VRDE Connection:    active
Clients so far:     6
Start time:         2013/04/23 14:12:25 UTC
Sent:               0 Bytes
Average speed:      0 B/s
Sent total:         0 Bytes
Received:           0 Bytes
Speed:              0 B/s
Received total:     0 Bytes
User name:          
Domain:             
Client name:        
Client IP:          
Client version:     0
Encryption:         RDP4
...

Note the encryption is specified as RDP4, NOT TLS as requested. The first command issued, --vrdeproperty "Security/Method=TLS" states:

TLS - only Enhanced RDP Security is accepted. The client must support TLS.

This is not being enforced.
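A way to verify the enforcement described above from the outside, as an added example that is not part of the ticket and not VirtualBox code: the probe below sends an X.224 Connection Request whose RDP_NEG_REQ offers only Standard RDP Security (requestedProtocols = PROTOCOL_RDP, the legacy RDP4/RDP5 encryption) and inspects the server's Connection Confirm, as laid out in MS-RDPBCGR. A server that really enforces Security/Method=TLS must answer with RDP_NEG_FAILURE (SSL_REQUIRED_BY_SERVER) or drop the connection; a server showing the defect in this ticket answers with RDP_NEG_RSP selecting PROTOCOL_RDP, or with a bare confirm carrying no negotiation data. The sample replies embedded at the bottom are constructed, not captured; the host/port default to the ticket's localhost:5000 and are assumptions.

```python
import socket
import struct

# MS-RDPBCGR protocol identifiers (requestedProtocols / selectedProtocol)
PROTOCOL_RDP = 0x00000000      # Standard RDP Security (RDP4/RDP5 encryption)
PROTOCOL_SSL = 0x00000001      # Enhanced RDP Security over TLS
PROTOCOL_HYBRID = 0x00000002   # CredSSP (NLA) on top of TLS

# RDP_NEG_FAILURE failureCode values
SSL_REQUIRED_BY_SERVER = 0x00000001
HYBRID_REQUIRED_BY_SERVER = 0x00000005
SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER = 0x00000006

TYPE_RDP_NEG_REQ = 0x01
TYPE_RDP_NEG_RSP = 0x02
TYPE_RDP_NEG_FAILURE = 0x03


def build_x224_connection_request(requested_protocols: int) -> bytes:
    """TPKT header + X.224 Connection Request carrying an RDP_NEG_REQ."""
    neg_req = struct.pack("<BBHI", TYPE_RDP_NEG_REQ, 0, 8, requested_protocols)
    # X.224 CR after the LI byte: code 0xE0, DST-REF, SRC-REF, class options
    x224 = struct.pack(">BHHB", 0xE0, 0, 0, 0) + neg_req
    body = bytes([len(x224)]) + x224            # LI counts everything after itself
    return struct.pack(">BBH", 3, 0, 4 + len(body)) + body


def parse_x224_connection_confirm(data: bytes) -> dict:
    """Decode the server's Connection Confirm into what it agreed to."""
    if len(data) < 11 or data[0] != 3:
        raise ValueError("not a TPKT-framed X.224 PDU")
    tpkt_len = struct.unpack(">H", data[2:4])[0]
    if tpkt_len > len(data):
        raise ValueError("truncated TPKT")
    pdu = data[:tpkt_len]
    li, code = pdu[4], pdu[5]
    if code != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    neg = pdu[11:5 + li]                       # rdpNegData follows the 6 fixed bytes
    if not neg:
        # No RDP_NEG_RSP/RDP_NEG_FAILURE: server silently assumed Standard RDP Security
        return {"kind": "legacy"}
    if len(neg) < 8:
        raise ValueError("short rdpNegData")
    ntype, flags, nlen, value = struct.unpack("<BBHI", neg[:8])
    if nlen != 8:
        raise ValueError("bad rdpNegData length")
    if ntype == TYPE_RDP_NEG_RSP:
        return {"kind": "negotiated", "selected_protocol": value, "flags": flags}
    if ntype == TYPE_RDP_NEG_FAILURE:
        return {"kind": "failure", "failure_code": value}
    raise ValueError(f"unexpected rdpNegData type {ntype:#x}")


def enforces_tls(result: dict) -> bool:
    """True if the server refused a client that offered only Standard RDP Security."""
    if result["kind"] == "closed":
        return True                            # connection dropped: nothing negotiated
    if result["kind"] == "failure":
        return result["failure_code"] in (SSL_REQUIRED_BY_SERVER,
                                          HYBRID_REQUIRED_BY_SERVER,
                                          SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER)
    if result["kind"] == "negotiated":
        return result["selected_protocol"] != PROTOCOL_RDP
    return False                               # legacy confirm: fell back to RDP4/RDP5


def _recv_exact(sock: socket.socket, n: int):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            return None
        buf += chunk
    return buf


def probe_server(host: str, port: int, timeout: float = 5.0) -> dict:
    """Offer only Standard RDP Security and report how the server answers."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_x224_connection_request(PROTOCOL_RDP))
            head = _recv_exact(sock, 4)
            if head is None:
                return {"kind": "closed"}
            rest = _recv_exact(sock, struct.unpack(">H", head[2:4])[0] - 4)
            if rest is None:
                return {"kind": "closed"}
            return parse_x224_connection_confirm(head + rest)
    except (ConnectionResetError, BrokenPipeError):
        return {"kind": "closed"}


# Constructed sample replies (not captured from a real server)
SAMPLE_TLS_REQUIRED = bytes.fromhex("030000130ed000001234000300080001000000")
SAMPLE_FALLBACK_RDP = bytes.fromhex("030000130ed000001234000200080000000000")
SAMPLE_LEGACY_CONFIRM = bytes.fromhex("0300000b06d00000123400")

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"   # assumed defaults
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 5000
    result = probe_server(host, port)
    verdict = "TLS enforced" if enforces_tls(result) else "falls back to Standard RDP Security"
    print(result, "->", verdict)
```

Run it against the VRDE port of a VM configured with Security/Method=TLS; on an unfixed server the probe reports a negotiated PROTOCOL_RDP or a legacy confirm, matching the "Encryption: RDP4" line in showvminfo, while a fixed server yields a failure code of SSL_REQUIRED_BY_SERVER or a closed connection.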

Change History

comment:1 Changed 2 years ago by sunlover

Right, this option did not work as documented.

Here is a new build:  http://www.virtualbox.org/download/testcase/Oracle_VM_VirtualBox_Extension_Pack-4.2.13-85232.vbox-extpack

Now it should behave as described in the manual. Thanks.

comment:2 Changed 23 months ago by frank

  • Summary changed from VRDP (RDP) server not enforcing specified encryption to VRDP (RDP) server not enforcing specified encryption => Fixed in SVN

comment:3 Changed 22 months ago by frank

  • Status changed from new to closed
  • Resolution set to fixed

Fix is part of VBox 4.2.14.
