search

Fraunhofer-AISEC / gallia

Extendable Pentesting Framework
https://fraunhofer-aisec.github.io/gallia/
Apache License 2.0
127 stars 24 forks source link

Track in flight requests/SID Multiplexing #34

Open rumpelsepp opened 2 years ago

rumpelsepp commented 2 years ago

We often have these bugs:

663 2020-10-20 15:46:28,173432  169.254.100.1   169.254.100.68  UDS 67  Request   Read Data By Identifier                0xf186
666 2020-10-20 15:46:28,424213  169.254.100.68  169.254.100.1   UDS 67  Reply     Error                                  Read Data By Identifier (SID: Request correctly received, but response is pending)
668 2020-10-20 15:46:28,430752  169.254.100.68  169.254.100.1   UDS 68  Reply     Read Data By Identifier                0xf186   02
670 2020-10-20 15:46:28,435925  169.254.100.1   169.254.100.68  UDS 66  Request   Tester Present                         Sub-function 0   (Reply suppressed)
673 2020-10-20 15:46:28,458779  169.254.100.1   169.254.100.68  UDS 67  Request   Read Data By Identifier                0x0015
676 2020-10-20 15:46:28,666417  169.254.100.68  169.254.100.1   UDS 67  Reply     Error                                  Read Data By Identifier (SID: Request Out of Range)
678 2020-10-20 15:46:28,672764  169.254.100.1   169.254.100.68  UDS 67  Request   Read Data By Identifier                0xf186
681 2020-10-20 15:46:28,918713  169.254.100.68  169.254.100.1   UDS 67  Reply     Error                                  Read Data By Identifier (SID: Request correctly received, but response is pending)
683 2020-10-20 15:46:28,928805  169.254.100.68  169.254.100.1   UDS 68  Reply     Read Data By Identifier                0xf186   02
685 2020-10-20 15:46:28,933829  169.254.100.1   169.254.100.68  UDS 67  Request   Read Data By Identifier                0x0016
688 2020-10-20 15:46:29,170610  169.254.100.68  169.254.100.1   UDS 67  Reply     Error                                  Read Data By Identifier (SID: Request Out of Range)
690 2020-10-20 15:46:29,176109  169.254.100.1   169.254.100.68  UDS 66  Request   Tester Present                         Sub-function 0   (Reply suppressed)
693 2020-10-20 15:46:29,199441  169.254.100.1   169.254.100.68  UDS 67  Request   Read Data By Identifier                0xf186
696 2020-10-20 15:46:29,210863  169.254.100.68  169.254.100.1   UDS 67  Reply     Error                                  Tester Present (SID: Request correctly received, but response is pending)
698 2020-10-20 15:46:29,416685  169.254.100.68  169.254.100.1   UDS 66  Reply     Tester Present                         Sub-function 0

Find a way to multiplex/track in flight request/responses.

rumpelsepp commented 2 years ago

See also #21, #22, #30.

stale[bot] commented 5 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.