Closed ayushbindlish closed 3 years ago
Usually TLS-Attacker automatically generates records for your messages. If you want to modify the contents of the record layer you have to explicitly define which records you want to send. This can be done with the setRecords() function on the SendAction in your WorkflowTrace. You can create Records and modify them like you create any other message.
I am still not able to set the record length. Is something wrong with my code?
In Wireshark I see -
```
Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 824
        Handshake Protocol: Client Hello
```
This is my code:
```java
WorkflowTrace trace = new WorkflowTrace();
Record record = new Record();
record.setLength(100);
ClientHelloMessage clienthello = new ClientHelloMessage(tls12Init.getConf().getConfig());
SendAction sendaction = new SendAction(clienthello);
sendaction.setRecords(record);
trace.addTlsAction(sendaction);
List<ProtocolMessage> messageListHandshake = new LinkedList<>();
messageListHandshake.add(new ServerHelloMessage());
messageListHandshake.add(new CertificateMessage());
messageListHandshake.add(new ServerHelloDoneMessage());
trace.addTlsAction(new ReceiveAction(messageListHandshake));
State state = TLS12Execute.execute(tls12Init.getConf(), trace);
```
Hey, you need to use ModifiableVariables instead of setting the value yourself directly; TLS-Attacker will overwrite it otherwise.

```java
record.setLength(Modifiable.explicit(100));
```
Okay, thanks a lot @ic0ns. Also, will setting this fragment the packet?
No, this will just overwrite the length field. If you want to fragment the message you have to set the "maxRecordLengthConfig" value (no modifiable variable needed).
Got that. Thanks for all your help.
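The difference between the two settings discussed above, seen on the wire, as an added example (stand-alone Python, not TLS-Attacker code and not from the thread). The 824-byte ClientHello stub is constructed and the helper names are hypothetical; the parser shows how a receiver that trusts the header reads each variant.

```python
import struct

HANDSHAKE, TLS12 = 22, 0x0303
KNOWN_TYPES = (20, 21, 22, 23)  # change_cipher_spec, alert, handshake, application_data


def client_hello_stub() -> bytes:
    """Constructed sample: handshake header (type 1, 3-byte length 820) plus zero filler."""
    return b"\x01" + (820).to_bytes(3, "big") + b"\x00" * 820


def record(payload: bytes, length_field=None) -> bytes:
    """Serialize one record: type(1) | version(2) | length(2) | fragment.
    length_field overrides the header value only; the payload is sent unchanged."""
    n = len(payload) if length_field is None else length_field
    return struct.pack("!BHH", HANDSHAKE, TLS12, n) + payload


def fragment(payload: bytes, max_len: int) -> bytes:
    """Real fragmentation: several records, each with a truthful length <= max_len."""
    return b"".join(record(payload[i:i + max_len])
                    for i in range(0, len(payload), max_len))


def parse(stream: bytes):
    """Walk the byte stream as a receiver would, trusting each length field.
    Returns (list of (content_type, length), error string or None)."""
    records, off = [], 0
    while off < len(stream):
        if len(stream) - off < 5:
            return records, "truncated header"
        ctype, _version, n = struct.unpack_from("!BHH", stream, off)
        if ctype not in KNOWN_TYPES:
            return records, f"unknown content type {ctype} at offset {off}"
        if len(stream) - off - 5 < n:
            return records, "truncated fragment"
        records.append((ctype, n))
        off += 5 + n
    return records, None


if __name__ == "__main__":
    hello = client_hello_stub()
    print("default     :", parse(record(hello)))
    print("length=100  :", parse(record(hello, length_field=100)))
    print("max_len=100 :", parse(fragment(hello, 100)))
```

With the overridden length the receiver consumes 100 bytes and then tries to read the rest of the ClientHello as a new record header, which is why it fails to parse rather than arriving as fragments.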
I want to change TLS record layer values in my workflow trace.
This is my high-level code: