Comments (3)
Hi @ji4,
.do_roundtrip() --> tls_do_roundtrip is using a tls_socket object to send messages. The socket would automatically try to encrypt messages before putting them on the wire. However, the TLSSocket class exposes the underlying tcp socket object as tls_socket._s
and you can use that to inject arbitrary tcp data. Note that this way you're basically bypassing the TLSSocket
which would easily get out of sync (message counters for encryption etc.).
something like this untested piece of code should work for your example.
def tls_inject_roundtrip(tls_socket, pkt, recv=True):
# basically tls_do_roundtrip with a minor change to send data directly using the underlying socket.socket instead of TLSSocket
resp = TLS()
try:
tls_socket._s.sendall(str(pkt)) # changed: directly send to socket
if recv:
resp = tls_socket.recvall()
if resp.haslayer(TLSAlert):
alert = resp[TLSAlert]
if alert.level != TLSAlertLevel.WARNING:
level = TLS_ALERT_LEVELS.get(alert.level, "unknown")
description = TLS_ALERT_DESCRIPTIONS.get(alert.description, "unknown description")
raise TLSProtocolError("%s alert returned by server: %s" % (level.upper(), description.upper()), pkt, resp)
except socket.error as se:
raise TLSProtocolError(se, pkt, resp)
return resp
# .. your code from the example
tls_inject_roundtrip(tls_socket, Raw('\x18\x03\x01\x00\x01\x7f'))
from scapy-ssl_tls.
@tintinweb Thank you! Your code works! Although the malformed packet sent by the script looks similar to the one sent by a fuzzing tool. The malformed packet sent by the script didn't successfully affect the target whereas the one sent by a fuzzing tool caused the target to stop working. Are there still any other causes that made the test fail?
from scapy-ssl_tls.
@ji4 if the code produces exactly the same on-wire packets it might be that your fuzz-run (depending on how you do it) might have brought the ssl/tls stack you're testing already into a weird state before sending the packets you're reproducing. just an assumption. You might want to script up something that replays sessions captured in the pcaps.
from scapy-ssl_tls.
Related Issues (20)
- I need a help for Encrypt the communication of the Modbus protocol using AES and SSL Socket programming in python. HOT 2
- how can i control the condition to count how much TLS protocol packages HOT 1
- Trying to Encrypt and Decrypt the communication between Client and Server using Modbus/TCP protocol.
- Bad record mac when using ECDHE_RSA_WITH_AES_256_CBC_SHA384 cipher
- Missing os import
- How to create the Certificate Status message from the server? Any examples would be appreciated. HOT 1
- 2.0.0 server_rsa.py quit with error HOT 1
- TLSSessionCtx support for DTLS
- how to generate completely arbitrary messages HOT 1
- TLS 1.3 support HOT 2
- Pip Install Error HOT 4
- Feature: How to analyse statemachines using scapy-ssl_tls?
- UserWarning: Verification of GCM tag failed: MAC check failed HOT 1
- Documentation is sparse HOT 1
- Feature request: Implement please SSLKEYLOG decryption HOT 5
- Handling of curve25519 and curve448 ServerKeyExchange
- Pip Install Error HOT 2
- any guide for gmtls?
- Error Loading module scapy.layers.ssl_tls
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scapy-ssl_tls.