search

firefart / stunner

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
Other
765 stars 43 forks source link

conflicting results? with udp --tls #22

Closed dennisTGC closed 1 year ago

dennisTGC commented 1 year ago

Hi,

If i execute stunner info -s server.domain.tld:443 --protocol tcp --tls it returns:

INFO[0000] this server supports the STUN protocol       
INFO[0000] Attributes:                                  
INFO[0000]  RESPONSE-ORIGIN: 10.20.20.208:443           
INFO[0000]  OTHER-ADDRESS: 10.20.20.208:5349            
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
INFO[0000] this server supports the TURN protocol with UDP transports 
INFO[0000] Attributes:                                  
INFO[0000]  REALM: server.domain.tld               
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
INFO[0000] this server supports the TURN protocol with TCP transports 
INFO[0000] Attributes:                                  
INFO[0000]  REALM: server.domain.tld               
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'

But if do stunner info -s server.domain.tld:443 --tls it returns

INFO[0000] this server supports the STUN protocol       
INFO[0000] Attributes:                                  
INFO[0000]  RESPONSE-ORIGIN: 10.20.20.208:443           
INFO[0000]  OTHER-ADDRESS: 10.20.20.208:5349            
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
ERRO[0001] this server does not support the TURN UDP protocol 
ERRO[0002] this server does not support the TURN TCP protocol

Why does it return the server does not support the turn protocol? Didn't we just tested succesfully in the query before? Does it default to other ports than 443 to test turn udp/tcp?

some other queries that might be of interest:

stunner info -s server.domain.tld:443 --protocol udp 
INFO[0000] this server supports the STUN protocol       
INFO[0000] Attributes:                                  
INFO[0000]  RESPONSE-ORIGIN: 10.20.20.208:443           
INFO[0000]  OTHER-ADDRESS: 10.20.20.208:5349            
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
INFO[0000] this server supports the TURN protocol with UDP transports 
INFO[0000] Attributes:                                  
INFO[0000]  REALM: server.domain.tld       
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
INFO[0000] this server supports the TURN protocol with TCP transports 
INFO[0000] Attributes:                                  
INFO[0000]  REALM: server.domain.tld    
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'  
stunner info -s server.domain.tld:443 --protocol udp --tls
INFO[0000] this server supports the STUN protocol       
INFO[0000] Attributes:                                  
INFO[0000]  RESPONSE-ORIGIN: 10.20.20.208:443           
INFO[0000]  OTHER-ADDRESS: 10.20.20.208:5349            
INFO[0000]  SOFTWARE: Coturn-4.5.1.1 'dan Eider'        
ERRO[0001] this server does not support the TURN UDP protocol 
ERRO[0002] this server does not support the TURN TCP protocol
firefart commented 1 year ago

the server only supports TURN via a TCP connection. The TURN UDP and TURN TCP refer to the connection to the backend, not to the server itself (that's controlled via the protocol parameter)