How to do SSL renegotiation using the scapy-ssl_tls tool? #75
Hi,

For the most part this should work out of the box. Do something like that:

```python
import socket
# Import path when running from the scapy-ssl_tls project directory
from scapy_ssl_tls.ssl_tls import *

# ClientHello carrying an empty renegotiation_info extension
pkt = TLSRecord() / TLSHandshake() / TLSClientHello(version=TLSVersion.TLS_1_2, extensions=[TLSExtension() / TLSExtRenegotiationInfo()])
with TLSSocket(socket.socket(), client=True) as s:
    s.connect(("127.0.0.1", 8443))
    s.sendall(pkt)
    r = s.recvall()
    r[TLSServerHello].extensions[0].show()
```

Will output:

Just continue the full handshake as exemplified in

Ciphers can be specified at

```python
TLSClientHello(cipher_suites=TLSCipherSuite.ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, extensions=[TLSExtension() / TLSExtEllipticCurves(elliptic_curves=TLSEllipticCurve.SECP521R1), TLSExtension() / TLSExtECPointsFormat(ec_point_formats=TLSEcPointFormat.UNCOMPRESSED)]).show2()
```
```
###[ TLS Client Hello ]###
version= TLS_1_0
gmt_unix_time= 1476220482
random_bytes= '\x9d\xbc\xd9\x84\xa5\xe9\x1d\x9b7-\xbeN\xc7h+:1\xf1\xe5Y}\xee\x89\xdb\x87KZK'
session_id_length= 0x0
session_id= ''
cipher_suites_length= 0x2
cipher_suites= ['ECDHE_ECDSA_WITH_AES_128_CBC_SHA256']
compression_methods_length= 0x1
compression_methods= ['NULL']
extensions_length= 0xe
\extensions\
|###[ TLS Extension ]###
| type= supported_groups
| length= 0x4
|###[ TLS Extension Elliptic Curves ]###
| length= 0x2
| elliptic_curves= ['secp521r1']
|###[ TLS Extension ]###
| type= ec_point_formats
| length= 0x2
|###[ TLS Extension EC Points Format ]###
| length= 0x1
| ec_point_formats= ['uncompressed']
```

Now for the issues ;):
Hope that helps with the general flow.
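The check a client applies to the `renegotiation_info` extension inspected in the comment above, following RFC 5746, as an added example that is not part of the original thread or of scapy-ssl_tls. It uses only the Python standard library; the function names and the sample `verify_data` values are constructed for illustration.

```python
import hmac
import struct

EXT_RENEGOTIATION_INFO = 0xFF01  # extension type assigned by RFC 5746


def build_renegotiation_info(verify_data=b""):
    """Encode the extension: empty on an initial handshake, the previous
    handshake's Finished verify_data when renegotiating."""
    body = struct.pack("!B", len(verify_data)) + verify_data
    return struct.pack("!HH", EXT_RENEGOTIATION_INFO, len(body)) + body


def parse_renegotiation_info(ext):
    """Return renegotiated_connection, rejecting inconsistent lengths."""
    if len(ext) < 5:
        raise ValueError("truncated extension")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    if ext_type != EXT_RENEGOTIATION_INFO:
        raise ValueError("not a renegotiation_info extension")
    body = ext[4:]
    if ext_len != len(body) or body[0] != len(body) - 1:
        raise ValueError("inconsistent length fields")
    return body[1:]


def server_hello_ok(ext, client_verify_data=b"", server_verify_data=b""):
    """Client-side check of the ServerHello extension (RFC 5746):
    initial handshake -> the value must be empty;
    renegotiation -> the value must be client_verify_data || server_verify_data
    from the handshake that protects the current connection."""
    expected = client_verify_data + server_verify_data
    return hmac.compare_digest(parse_renegotiation_info(ext), expected)


# Constructed sample values, not captured traffic
# (12 bytes each, the verify_data size in TLS 1.0 to 1.2)
CLIENT_VD = bytes(range(12))
SERVER_VD = bytes(range(12, 24))

if __name__ == "__main__":
    print(build_renegotiation_info().hex())
    reneg = build_renegotiation_info(CLIENT_VD + SERVER_VD)
    print(server_hello_ok(reneg, CLIENT_VD, SERVER_VD))
    # A server answering a renegotiation with an empty value must be rejected
    print(server_hello_ok(build_renegotiation_info(), CLIENT_VD, SERVER_VD))
```

A mismatch here is the condition on which RFC 5746 requires the client to abort the handshake.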
Thanks very much for the response.
Hi @mukundamj, #73 has been merged. I'll have a look into addressing this. You can follow progress on the renegotiation branch if interested. Alex
OK, so this is way more complicated than I initially thought. I've got this working until the second symmetric encryption kicks in. So master-secret and symmetrical keys are re-negotiated OK. For this to work fully, I'd have to split the
Sorry, this will have to wait a bit. If you want to play with the half-baked solution, you can check out the renegotiation branch. It's hacky though.
Thanks Alex. I will try if I can figure out something in the renegotiation branch.
- This change does not work fully. It's exploratory work to address issue #75. It's messy and hacky
I am having trouble doing an SSL renegotiation using the renegotiation_info extension of the client hello packet. While doing an SSL renegotiation I also want to be able to change some of the attributes of the client hello packet like cipher suites and elliptic curves. I am not very familiar with the scapy-ssl_tls tool. Can someone help me regarding this?