Closed tlsfreak closed 3 years ago
Thanks for the report, but I'm having troubles reproducing this.
Could you share a snippet that works and reproduces it ? (if I remove all the unused arguments from your snipped, it works on my end)
by default, scapy client automaton force the signature algorithm to "sha256+rsa" this is per scapy/layers/tls/automaton_cli.py once you comment that out:
@ATMT.condition(PREPARE_CLIENTFLIGHT1)
def should_add_ClientHello(self):
if self.client_hello:
p = self.client_hello
else:
p = TLSClientHello()
# ext = []
# Add TLS_Ext_SignatureAlgorithms for TLS 1.2 ClientHello
# if self.cur_session.advertised_tls_version == 0x0303:
# ext += [TLS_Ext_SignatureAlgorithms(sig_algs=["sha256+rsa"])]
# Add TLS_Ext_ServerName
# if self.server_name:
# ext += TLS_Ext_ServerName(
# servernames=[ServerName(servername=self.server_name)]
# )
#p.ext = ext
self.add_msg(p)
raise self.ADDED_CLIENTHELLO()
try and use the following code snippet:
load_layer("tls")
# TLS Version
version = "1.2"
ciphers = [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
compression='null'
ext1 = TLS_Ext_ServerName(servernames=ServerName(servername=target_domain))
ext2 = TLS_Ext_CSR(stype='ocsp', req=OCSPStatusRequest())
ext3 = TLS_Ext_SupportedEllipticCurves(groups=['x25519', \
'secp256r1', \
'secp384r1'])
ext4 = TLS_Ext_SupportedPointFormat(ecpl='uncompressed')
ext5 = TLS_Ext_SignatureAlgorithms(sig_algs=['sha256+rsa', \
'sha384+rsa', \
'sha1+rsa', \
'sha256+ecdsa', \
'sha384+ecdsa', \
'sha1+ecdsa', \
'sha1+dsa', \
'sha512+rsa', \
'sha512+ecdsa'])
ext = [ext1, ext2, ext3, ext4, ext5]
ch = TLSClientHello(gmt_unix_time=get_random_timestamp(1), ciphers=ciphers, ext=ext, comp=compression)
ch.show()
t = TLSClientAutomaton(client_hello=ch, server=..., dport=443, data=...)
t.run()
code crashes here:
>
> /usr/local/lib/python3.5/dist-packages/scapy-2.4.4rc2.dev20-py3.5.egg/scapy/layers/tls/keyexchange.py(799)fill_missing()
-> x = pubkey.public_numbers().x
(Pdb)
Note to self:
from scapy.all import *
from scapy.layers.tls.all import *
class ModifiedTLSClientAutomaton(TLSClientAutomaton):
@ATMT.condition(TLSClientAutomaton.PREPARE_CLIENTFLIGHT1)
def should_add_ClientHello(self):
if self.client_hello:
p = self.client_hello
else:
p = TLSClientHello()
self.add_msg(p)
raise self.ADDED_CLIENTHELLO()
# TLS Version
target_domain = "www.google.com"
version = "1.2"
ciphers = [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
compression='null'
ext1 = TLS_Ext_ServerName(servernames=ServerName(servername=target_domain))
ext2 = TLS_Ext_CSR(stype='ocsp', req=OCSPStatusRequest())
ext3 = TLS_Ext_SupportedEllipticCurves(groups=['x25519', 'secp256r1', 'secp384r1'])
ext4 = TLS_Ext_SupportedPointFormat(ecpl='uncompressed')
ext5 = TLS_Ext_SignatureAlgorithms(sig_algs=['sha256+rsa', 'sha384+rsa', 'sha1+rsa', 'sha256+ecdsa', 'sha384+ecdsa', 'sha1+ecdsa', 'sha1+dsa', 'sha512+rsa', 'sha512+ecdsa'])
ext = [ext1, ext2, ext3, ext4, ext5]
ch = TLSClientHello(gmt_unix_time=10000, ciphers=ciphers, ext=ext, comp=compression)
ch.show()
t = ModifiedTLSClientAutomaton(client_hello=ch, server="www.google.com", dport=443)
t.run()
Hi @tlsfreak and sorry for the delay. This should be fixed in https://github.com/secdev/scapy/pull/2929 It would be great if you could have a look and try it out. Thanks
Brief description
crafting TLS 1.2 packets with x25519 curve set doesn't seems to be implemented, and throw errors
Environment
Version 2.4.4rc2.dev6
3.5.3
Linux debian 4.9.0-13-amd64
How to reproduce
run this:
Actual result
Expected result
a successful TLS 1.2 handshake
Related resources