Closed tlsfreak closed 3 years ago
gpotter2
commented
4 years ago Thanks for the report, but I'm having troubles reproducing this.
Could you share a snippet that works and reproduces it ? (if I remove all the unused arguments from your snipped, it works on my end)
tlsfreak
commented
4 years ago by default, scapy client automaton force the signature algorithm to "sha256+rsa" this is per scapy/layers/tls/automaton_cli.py once you comment that out:
@ATMT.condition(PREPARE_CLIENTFLIGHT1)
def should_add_ClientHello(self):
if self.client_hello:
p = self.client_hello
else:
p = TLSClientHello()
# ext = []
# Add TLS_Ext_SignatureAlgorithms for TLS 1.2 ClientHello
# if self.cur_session.advertised_tls_version == 0x0303:
# ext += [TLS_Ext_SignatureAlgorithms(sig_algs=["sha256+rsa"])]
# Add TLS_Ext_ServerName
# if self.server_name:
# ext += TLS_Ext_ServerName(
# servernames=[ServerName(servername=self.server_name)]
# )
#p.ext = ext
self.add_msg(p)
raise self.ADDED_CLIENTHELLO()try and use the following code snippet:
load_layer("tls")
# TLS Version
version = "1.2"
ciphers = [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
compression='null'
ext1 = TLS_Ext_ServerName(servernames=ServerName(servername=target_domain))
ext2 = TLS_Ext_CSR(stype='ocsp', req=OCSPStatusRequest())
ext3 = TLS_Ext_SupportedEllipticCurves(groups=['x25519', \
'secp256r1', \
'secp384r1'])
ext4 = TLS_Ext_SupportedPointFormat(ecpl='uncompressed')
ext5 = TLS_Ext_SignatureAlgorithms(sig_algs=['sha256+rsa', \
'sha384+rsa', \
'sha1+rsa', \
'sha256+ecdsa', \
'sha384+ecdsa', \
'sha1+ecdsa', \
'sha1+dsa', \
'sha512+rsa', \
'sha512+ecdsa'])
ext = [ext1, ext2, ext3, ext4, ext5]
ch = TLSClientHello(gmt_unix_time=get_random_timestamp(1), ciphers=ciphers, ext=ext, comp=compression)
ch.show()
t = TLSClientAutomaton(client_hello=ch, server=..., dport=443, data=...)
t.run()code crashes here:
>
> /usr/local/lib/python3.5/dist-packages/scapy-2.4.4rc2.dev20-py3.5.egg/scapy/layers/tls/keyexchange.py(799)fill_missing()
-> x = pubkey.public_numbers().x
(Pdb)
Note to self:
from scapy.all import *
from scapy.layers.tls.all import *
class ModifiedTLSClientAutomaton(TLSClientAutomaton):
@ATMT.condition(TLSClientAutomaton.PREPARE_CLIENTFLIGHT1)
def should_add_ClientHello(self):
if self.client_hello:
p = self.client_hello
else:
p = TLSClientHello()
self.add_msg(p)
raise self.ADDED_CLIENTHELLO()
# TLS Version
target_domain = "www.google.com"
version = "1.2"
ciphers = [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
ciphers += [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
compression='null'
ext1 = TLS_Ext_ServerName(servernames=ServerName(servername=target_domain))
ext2 = TLS_Ext_CSR(stype='ocsp', req=OCSPStatusRequest())
ext3 = TLS_Ext_SupportedEllipticCurves(groups=['x25519', 'secp256r1', 'secp384r1'])
ext4 = TLS_Ext_SupportedPointFormat(ecpl='uncompressed')
ext5 = TLS_Ext_SignatureAlgorithms(sig_algs=['sha256+rsa', 'sha384+rsa', 'sha1+rsa', 'sha256+ecdsa', 'sha384+ecdsa', 'sha1+ecdsa', 'sha1+dsa', 'sha512+rsa', 'sha512+ecdsa'])
ext = [ext1, ext2, ext3, ext4, ext5]
ch = TLSClientHello(gmt_unix_time=10000, ciphers=ciphers, ext=ext, comp=compression)
ch.show()
t = ModifiedTLSClientAutomaton(client_hello=ch, server="www.google.com", dport=443)
t.run()Hi @tlsfreak and sorry for the delay. This should be fixed in https://github.com/secdev/scapy/pull/2929 It would be great if you could have a look and try it out. Thanks
Brief description
crafting TLS 1.2 packets with x25519 curve set doesn't seems to be implemented, and throw errors
Environment
Version 2.4.4rc2.dev63.5.3Linux debian 4.9.0-13-amd64How to reproduce
run this:
Actual result
Expected result
a successful TLS 1.2 handshake
Related resources