How to check received tls message contents?

[GSoJC234]

Hello,

I wanted to express my gratitude for providing the exceptional tool, TLS-Attacker. It has been immensely helpful for me in testing TLS software like OpenSSL and WolfSSL.

I have a query regarding looking at or checking message contents received from the server. Could you kindly guide me on how to do this?

Additionally, I'm curious if there's a way to execute each action separately without relying on WorkflowExecutor. It would be greatly appreciated if you could provide a straightforward code snippet for this purpose. I tried to solve this problem using the below code. but it shows the error "No context defined with alias 'null'"

    Config config = Config.createConfig();

    ClientHelloMessage chMsg = new ClientHelloMessage();
    chMsg.setProtocolVersion(ProtocolVersion.TLS12.getValue());
    chMsg.setCipherSuiteLength(1);
    chMsg.setCipherSuites(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8.getByteValue());
    chMsg.setSessionId(new byte[]{});
    byte[] random = new byte[32];
    SecureRandom.getInstanceStrong().nextBytes(random);
    chMsg.setRandom(random);
    chMsg.setUnixTime(ArrayConverter.longToBytes(Time.getUnixTime(), 4));
    chMsg.setCompressionLength(1);
    chMsg.setCompressions(ArrayConverter.intToBytes(Compression.NONE.getValue(), 2));

    SendAction action = new SendAction(chMsg);

    State state = new State(config);
    action.execute(state);

Thank you very much for your assistance.

[ic0ns]

Hey, thanks for the kind words. Maybe first: What you are trying to do is not working the way you expect it to. If you change values in the messages without using Modification hooks, your changes will have no effect as TLS-Attacker will reset these values before executing. The proper way to do this is to assign values via ModifableVariables.

for example:

chMsg.setRandom(Modifiable.explicit(random)); // This overwrite the value TLS-Attacker 
                                              // chooses/computes at runtime with our value

Reading the values after execution is as simple as calling the respective getters after exeuction i.e:

byte[] runtimeClientRandom = chMsg.getRandom().getValue();

Regarding the execution of actions without the WorkflowExecutor: It is possible to do this, but we generally discourage this, as it requires you to fiddle around quite a bit. Your specific exception is related to TLS-Attacker's MitM Module. With TLS-Attacker it is possible to have multiple connections within one WorkflowTrace. Each connection is assigned an Alias. When you do not define an Alias, TLS-Attacker will just assume you are not using the MitM module (as you are) and will initialize everything with the default alias to make things work. Since you are not using a WorkflowTrace, TLS-Attacker will create one for you from your provided Config object. Since your action is not part of this WorkflowTrace, it does not get "normalized".

https://github.com/tls-attacker/TLS-Attacker/blob/9dfb02e7b1e2861b9973c5af86c5529c2f657c8d/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/state/State.java#L123-L125

One way around this is to assign your action an Alias. Afaik, the default Alias used by TLS-Attacker is the String "server" or "client" depending on the connection direction using this method:

https://github.com/tls-attacker/TLS-Attacker/blob/9dfb02e7b1e2861b9973c5af86c5529c2f657c8d/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/ConnectionBoundAction.java#L42

Also make sure to initialize the TransportHandler and the layers correctly by doing something similar to this:

https://github.com/tls-attacker/TLS-Attacker/blob/9dfb02e7b1e2861b9973c5af86c5529c2f657c8d/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/WorkflowExecutor.java#L76-L125

[GSoJC234]

Thank you for your quick response! I want to express my sincere appreciation for your incredibly helpful and insightful response! :+1: