Beispiel #1
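    def parse_args(self,
                   bind,
                   pemcert,
                   pemkey=None,
                   response="HTTP/1.1 200 OK\r\n\r\n",
                   cipher_suite=TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA,
                   timeout=4.0,
                   **kwargs):
        """Store the server settings and cache the certificate in DER form.

        Args:
            bind: Stored as ``self.bind``.
            pemcert: Handed to ``pem_get_objects``; the first returned object
                whose key contains "CERTIFICATE" is base64-decoded into
                ``self.dercert``.
            pemkey: Stored as ``self.pemkey``; when falsy, ``pemcert`` is
                used instead.
            response: Stored as ``self.response``.
            cipher_suite: Stored as ``self.cipher_suite``.
            timeout: Stored as ``self.timeout``.
            **kwargs: Forwarded to ``Automaton.parse_args``.
        """
        # Function-scope import so the decode below does not rely on the
        # Python-2-only ``str.decode("base64")`` codec.
        import base64

        Automaton.parse_args(self, **kwargs)
        self.bind = bind
        self.pemcert = pemcert
        # NOTE(review): falling back to pemcert presumably expects a PEM file
        # that holds both certificate and private key - confirm.
        self.pemkey = pemkey if pemkey else pemcert
        self.tls_version = 'TLS_1_2'
        self.response = response
        # The default suite is static-RSA key exchange with CBC (no forward
        # secrecy); pass cipher_suite explicitly to exercise anything else.
        self.cipher_suite = cipher_suite
        self.timeout = timeout
        self.tlssock = None
        self.srv_sock = None
        self.peer = None

        pemo = pem_get_objects(self.pemcert)
        cert_key = next(
            (k for k in pemo.keys() if "CERTIFICATE" in k.upper()), None)
        # self.dercert is only assigned when a certificate object exists,
        # exactly as before; nothing is set for a PEM without a certificate.
        if cert_key is not None:
            pem_text = pemo[cert_key].get("full").strip()
            # Drop the "-----BEGIN/END-----" armour lines, keep the payload.
            b64_body = ''.join(
                line for line in pem_text.split("\n") if "-" not in line)
            self.dercert = base64.b64decode(b64_body)
        self.debug(1, "parse_args - done")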
Beispiel #2
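    def parse_args(self, server="127.0.0.1", sport=4433,
                   mycert=None, mykey=None,
                   preferred_ciphersuite=None, **kargs):
        """Load the credentials, resolve the local endpoint and reset state.

        Args:
            server: Literal IPv4/IPv6 address or host name to resolve.
            sport: Port passed to ``getaddrinfo`` and stored as
                ``self.local_port``.
            mycert: Passed to ``Cert``.
            mykey: Passed to ``PrivKey``.
            preferred_ciphersuite: Stored as ``self.preferred_ciphersuite``.
            **kargs: Forwarded to ``Automaton.parse_args``.
        """
        Automaton.parse_args(self, **kargs)

        # NOTE(review): both default to None; whether Cert/PrivKey accept
        # None is not visible here - confirm.
        self.mycert = Cert(mycert)
        self.mykey = PrivKey(mykey)

        try:
            # inet_pton is used purely as a "is this a literal address?" check.
            family = socket.AF_INET6 if ':' in server else socket.AF_INET
            socket.inet_pton(family, server)
            tmp = socket.getaddrinfo(server, sport)
        except Exception:
            # Not a literal address (or the lookup failed): retry with the
            # fully qualified name.  ``Exception`` instead of a bare except
            # lets KeyboardInterrupt and SystemExit propagate.
            tmp = socket.getaddrinfo(socket.getfqdn(server), sport)

        # Only the first getaddrinfo() result is used.
        first = tmp[0]
        self.ip_family = first[0]
        self.local_ip = first[4][0]
        self.local_port = sport
        self.remote_ip = None
        self.remote_port = None

        self.cur_pkt = None
        self.cur_session = None
        self.msg_list = []

        self.remain = ""

        self.socket = None

        self.cert_req = None

        self.preferred_ciphersuite = preferred_ciphersuite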
Beispiel #3
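    def parse_args(self, server="127.0.0.1", sport=4433,
                   mycert=None, mykey=None,
                   preferred_ciphersuite=None, **kargs):
        """Prepare certificate, key, local address and per-run state.

        ``server`` may be a literal IPv4/IPv6 address or a host name; the
        first ``getaddrinfo`` result supplies ``self.ip_family`` and
        ``self.local_ip``.  ``sport`` becomes ``self.local_port``.  Extra
        keyword arguments go to ``Automaton.parse_args``.
        """
        Automaton.parse_args(self, **kargs)

        # NOTE(review): mycert/mykey default to None and are passed straight
        # to Cert/PrivKey - confirm those constructors tolerate None.
        self.mycert = Cert(mycert)
        self.mykey = PrivKey(mykey)

        try:
            if ':' in server:
                socket.inet_pton(socket.AF_INET6, server)
            else:
                socket.inet_pton(socket.AF_INET, server)
            tmp = socket.getaddrinfo(server, sport)
        except Exception:
            # A bare ``except:`` here would also swallow KeyboardInterrupt
            # and SystemExit; ordinary failures still fall back to the FQDN.
            tmp = socket.getaddrinfo(socket.getfqdn(server), sport)

        self.ip_family = tmp[0][0]
        self.local_ip = tmp[0][4][0]  # host part of the first sockaddr
        self.local_port = sport
        self.remote_ip = None
        self.remote_port = None

        # Per-connection state, reset on every parse.
        self.cur_pkt = None
        self.cur_session = None
        self.msg_list = []
        self.remain = ""
        self.socket = None
        self.cert_req = None

        self.preferred_ciphersuite = preferred_ciphersuite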
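    def parse_args(self,
                   bind,
                   pemcert,
                   pemkey=None,
                   response="HTTP/1.1 200 OK\r\n\r\n",
                   cipher_suite=TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA,
                   timeout=4.0,
                   **kwargs):
        """Record the server configuration and decode the certificate to DER.

        ``pemkey`` falls back to ``pemcert`` when it is falsy.  The PEM
        objects returned by ``pem_get_objects(pemcert)`` are searched for
        the first key containing "CERTIFICATE"; its base64 payload is decoded
        into ``self.dercert``.  Remaining keyword arguments are forwarded to
        ``Automaton.parse_args``.
        """
        # ``str.decode("base64")`` exists only on Python 2; base64.b64decode
        # gives the same bytes on both major versions.
        import base64

        Automaton.parse_args(self, **kwargs)
        self.bind = bind
        self.pemcert = pemcert
        self.pemkey = pemkey or pemcert
        self.tls_version = 'TLS_1_2'
        self.response = response
        # Default is a static-RSA/CBC suite without forward secrecy; callers
        # choose another suite through the cipher_suite argument.
        self.cipher_suite = cipher_suite
        self.timeout = timeout
        self.tlssock = None
        self.srv_sock = None
        self.peer = None

        pemo = pem_get_objects(self.pemcert)
        for key_pk in pemo.keys():
            if "CERTIFICATE" not in key_pk.upper():
                continue
            payload_lines = [
                line
                for line in pemo[key_pk].get("full").strip().split("\n")
                if "-" not in line  # skip the BEGIN/END armour lines
            ]
            self.dercert = base64.b64decode(''.join(payload_lines))
            break  # only the first certificate object is used
        self.debug(1, "parse_args - done")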
Beispiel #5
 def __init__(self, *args, **kwargs):
     """Create the callback registry and the client-side lookup tables.

     ``STATES`` maps each TLS message class to a state name and ``ACTIONS``
     maps the same classes to an action name.
     """
     self.callbacks = {}  # fname:func
     # The automaton's internal sockets are not needed here, so one empty
     # placeholder class is passed for both 'll' and 'recvsock'.
     null_sock = type('obj', (object, ), {})
     kwargs['ll'] = null_sock
     kwargs['recvsock'] = null_sock
     Automaton.__init__(self, *args, **kwargs)
     # (message class, state name, action name).
     # TLSServerKeyExchange is not mapped (placeholder only).
     dispatch = (
         (TLSClientHello, 'CLIENT_HELLO_SENT', 'send_client_hello'),
         (TLSServerHello, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificate, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificateList, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSServerHelloDone, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSFinished, 'CLIENT_FINISH_SENT', 'send_client_finish'),
         (TLSChangeCipherSpec, 'CLIENT_CHANGE_CIPHERSPEC_SENT',
          'send_client_change_cipher_spec'),
         (TLSClientKeyExchange, 'CLIENT_KEY_EXCHANGE_SENT',
          'send_client_key_exchange'),
         (TLSPlaintext, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
         (TLSDecryptablePacket, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
     )
     self.STATES = {msg: state for msg, state, _ in dispatch}
     self.ACTIONS = {msg: action for msg, _, action in dispatch}
Beispiel #6
    def parse_args(self, iface=None, server_port=None, client_port=None,
                   client_ip=None, server_ip=None, server_mac=None,
                   client_mac=None, **kargs):
        """Record interface, MAC and port settings, then call ``initialize``.

        Falsy ``iface``, ``server_port`` and ``client_port`` fall back to
        ``conf.iface``, ``SERVER_PORT`` and ``CLIENT_PORT``.  When
        ``client_mac`` is None the hardware address of the chosen interface
        is read and converted with ``str2mac``.
        """
        # NOTE: an external program should randomize MAC prior running this.
        Automaton.parse_args(self, **kargs)
        logger.debug('Automaton parsing args.')

        # Interface (may change when the automaton goes back to INIT).
        self.iface = iface or conf.iface

        # Link layer: client hardware address (chaddr).
        if client_mac is not None:
            self.client_mac = client_mac
        else:
            _, raw_hwaddr = get_if_raw_hwaddr(self.iface)
            self.client_mac = str2mac(raw_hwaddr)
            client_mac = raw_hwaddr

        # UDP layer.
        self.server_port = server_port or SERVER_PORT
        self.client_port = client_port or CLIENT_PORT

        # DHCP logic.
        self.max_discover_retries = MAX_DISCOVER_RETRIES
        self.max_num_offers = MAX_OFFERS_COLLECTED
        self.previous_state = None
        self.current_state = 'INIT'

        # NOTE(review): initialize() gets the caller's `iface` (possibly
        # None) and, after a lookup, the raw hardware address rather than
        # self.iface / self.client_mac - confirm that is what it expects.
        self.initialize(iface=iface, client_mac=client_mac,
                        client_ip=client_ip, server_ip=server_ip,
                        server_mac=server_mac)
 def __init__(self, *args, **kwargs):
     """Initialise the automaton and build the client dispatch tables.

     ``STATES`` and ``ACTIONS`` share the same TLS message classes as keys
     and hold a state name and an action name respectively.
     """
     self.callbacks = {}  # fname:func
     Automaton.__init__(self, *args, **kwargs)
     # One row per message class: (class, state name, action name).
     # TLSServerKeyExchange is not mapped (placeholder only).
     rows = [
         (TLSClientHello, 'CLIENT_HELLO_SENT', 'send_client_hello'),
         (TLSServerHello, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificate, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificateList, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSServerHelloDone, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSFinished, 'CLIENT_FINISH_SENT', 'send_client_finish'),
         (TLSChangeCipherSpec, 'CLIENT_CHANGE_CIPHERSPEC_SENT',
          'send_client_change_cipher_spec'),
         (TLSClientKeyExchange, 'CLIENT_KEY_EXCHANGE_SENT',
          'send_client_key_exchange'),
         (TLSPlaintext, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
         (TLSDecryptablePacket, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
     ]
     self.STATES = {cls: state for cls, state, _ in rows}
     self.ACTIONS = {cls: action for cls, _, action in rows}
 def __init__(self, *args, **kwargs):
     """Initialise the automaton and build the server dispatch tables.

     Each TLS message class is mapped to a state name in ``STATES`` and to
     an action name in ``ACTIONS``.
     """
     self.callbacks = {}  # fname:func
     Automaton.__init__(self, *args, **kwargs)
     # One row per message class: (class, state name, action name).
     rows = [
         (TLSClientHello, 'CLIENT_HELLO_RECV', 'recv_client_hello'),
         (TLSServerHello, 'SERVER_HELLO_SENT', 'send_server_hello'),
         (TLSCertificate, 'SERVER_CERTIFICATES_SENT',
          'send_server_certificates'),
         (TLSCertificateList, 'SERVER_CERTIFICATES_SENT',
          'send_server_certificates'),
         (TLSServerHelloDone, 'SERVER_HELLO_DONE_SENT',
          'send_server_hello_done'),
         (TLSFinished, 'SERVER_FINISH_SENT', 'send_server_finish'),
         (TLSChangeCipherSpec, 'SERVER_CCS_SENT', 'send_server_ccs'),
         (TLSClientKeyExchange, 'CLIENT_KEY_EXCHANGE_RECV',
          'recv_client_key_exchange'),
         (TLSServerKeyExchange, 'SERVER_KEY_EXCHANGE_SENT',
          'send_server_key_exchange'),
         (TLSPlaintext, 'SERVER_APPDATA_SENT', 'send_server_appdata'),
         (TLSDecryptablePacket, 'SERVER_APPDATA_SENT', 'send_server_appdata'),
     ]
     self.STATES = {cls: state for cls, state, _ in rows}
     self.ACTIONS = {cls: action for cls, _, action in rows}
 def __init__(self, *args, **kwargs):
     """Set up callbacks, stub out the sockets and build the lookup tables.

     ``STATES`` maps TLS message classes to state names; ``ACTIONS`` maps
     the same classes to action names.
     """
     self.callbacks = {}  # fname:func
     # The automaton's internal sockets are unused here: hand it the same
     # empty placeholder class for 'll' and for 'recvsock'.
     placeholder = type('obj', (object,), {})
     kwargs['ll'] = placeholder
     kwargs['recvsock'] = placeholder
     Automaton.__init__(self, *args, **kwargs)
     # (message class, state name, action name).
     # TLSServerKeyExchange is not mapped (placeholder only).
     table = (
         (TLSClientHello, 'CLIENT_HELLO_SENT', 'send_client_hello'),
         (TLSServerHello, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificate, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSCertificateList, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSServerHelloDone, 'SERVER_HELLO_RECV', 'recv_server_hello'),
         (TLSFinished, 'CLIENT_FINISH_SENT', 'send_client_finish'),
         (TLSChangeCipherSpec, 'CLIENT_CHANGE_CIPHERSPEC_SENT',
          'send_client_change_cipher_spec'),
         (TLSClientKeyExchange, 'CLIENT_KEY_EXCHANGE_SENT',
          'send_client_key_exchange'),
         (TLSPlaintext, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
         (TLSDecryptablePacket, 'CLIENT_APPDATA_SENT', 'send_client_appdata'),
     )
     self.STATES = {msg: state for msg, state, _ in table}
     self.ACTIONS = {msg: action for msg, _, action in table}
Beispiel #10
 def parse_args(self, filename, data, server, sport=None, port=69, **kargs):
     """Keep the transfer parameters on the instance.

     ``data`` is stored as ``self.origdata`` and the block size is fixed at
     512.  ``port`` defaults to 69, the well-known TFTP port.  Extra keyword
     arguments are forwarded to ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kargs)
     self.filename, self.origdata = filename, data
     self.server, self.port = server, port
     self.sport = sport
     self.blocksize = 512
Beispiel #11
 def parse_args(self, filename, data, server, sport=None, port=69, **kargs):
     """Store file name, payload and endpoint settings for the transfer.

     The payload is kept as ``self.origdata``; ``self.blocksize`` is always
     set to 512.  Unrecognised keyword arguments go to
     ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kargs)
     # Remote endpoint and optional local source port.
     self.server = server
     self.port = port
     self.sport = sport
     # What to send and in which block size.
     self.filename = filename
     self.origdata = data
     self.blocksize = 512
Beispiel #12
    def parse_args(self, debug=0, store=0, **kwargs):
        """Extract comm/target/device, delegate the rest, then validate.

        ``comm``, ``target`` and ``device`` are removed from ``kwargs``
        (defaulting to None) before the remaining arguments reach
        ``Automaton.parse_args``.  ``verbose`` and ``iface`` are read from
        what is left, defaulting to ``_verbose`` and "eth0".

        Raises:
            ValueError: If ``comm`` or ``target`` was not supplied.
        """
        for option in ('comm', 'target', 'device'):
            setattr(self, option, kwargs.pop(option, None))
        Automaton.parse_args(self, debug=debug, store=store, **kwargs)
        self.verbose = kwargs.get('verbose', _verbose)
        self.iface = kwargs.get('iface', "eth0")

        # The check runs after the parent call, as the attributes above are
        # set regardless of whether validation passes.
        have_required = self.comm is not None and self.target is not None
        if not have_required:
            raise ValueError("Missing comm or target")
Beispiel #13
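    def parse_args(self,
                   server="127.0.0.1",
                   dport=4433,
                   server_name=None,
                   mycert=None,
                   mykey=None,
                   client_hello=None,
                   data=None,
                   **kargs):
        """Resolve the remote endpoint and reset the client's session state.

        Args:
            server: Literal IPv4/IPv6 address or host name of the peer.
            dport: Remote port, stored as ``self.remote_port``.
            server_name: When truthy, overrides ``self.remote_name``.
            mycert: Wrapped in ``Cert`` only when ``mykey`` is also given.
            mykey: Wrapped in ``PrivKey`` only when ``mycert`` is also given.
            client_hello: Stored as ``self.client_hello``.
            data: Stored as ``self.data``.
            **kargs: Forwarded to ``Automaton.parse_args``.
        """
        Automaton.parse_args(self, **kargs)

        # This first lookup is outside the try block, so a resolution
        # failure here propagates to the caller.
        tmp = socket.getaddrinfo(server, dport)
        self.remote_name = None
        try:
            # inet_pton only answers "is `server` a literal address?".
            family = socket.AF_INET6 if ':' in server else socket.AF_INET
            socket.inet_pton(family, server)
        except Exception:
            # Not a literal address: remember the FQDN and, if it differs,
            # resolve again.  ``Exception`` rather than a bare except keeps
            # KeyboardInterrupt and SystemExit from being swallowed.
            self.remote_name = socket.getfqdn(server)
            if self.remote_name != server:
                tmp = socket.getaddrinfo(self.remote_name, dport)

        if server_name:
            self.remote_name = server_name
        # Only the first getaddrinfo() result is used.
        self.remote_family = tmp[0][0]
        self.remote_ip = tmp[0][4][0]
        self.remote_port = dport
        self.local_ip = None
        self.local_port = None

        self.cur_pkt = None
        self.cur_session = None
        self.msg_list = []

        self.remain = ""

        self.socket = None

        self.cert_req = None

        self.client_hello = client_hello
        self.data = data

        # Client credentials are loaded only when both halves are present.
        if mycert and mykey:
            self.mycert = Cert(mycert)
            self.mykey = PrivKey(mykey)
        else:
            self.mycert = None
            self.mykey = None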
Beispiel #14
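 def parse_args(self,
                target,
                tls_version='TLS_1_1',
                request="GET / HTTP/1.1\r\nHOST: localhost\r\n\r\n",
                cipher_suites=None,
                timeout=4.0,
                **kwargs):
     """Store the client's connection and handshake settings.

     Args:
         target: Stored as ``self.target``.
         tls_version: Stored as ``self.tls_version``.  The default
             'TLS_1_1' is a protocol version deprecated by RFC 8996; pass
             another value to exercise a current one.
         request: Stored as ``self.request``.
         cipher_suites: List stored as ``self.cipher_suites``.  When None,
             a new ``[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]`` list is
             created for this call.
         timeout: Stored as ``self.timeout``.
         **kwargs: Forwarded to ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kwargs)
     # A list literal as the default would be shared by every call that
     # omits the argument, so mutating self.cipher_suites on one instance
     # would leak into the next; build the default list per call instead.
     if cipher_suites is None:
         cipher_suites = [TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]
     self.target = target
     self.tls_version = tls_version
     self.request = request
     self.cipher_suites = cipher_suites
     self.timeout = timeout
     self.tlssock = None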
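 def parse_args(self,
                target,
                tls_version='TLS_1_1',
                request="GET / HTTP/1.1\r\nHOST: localhost\r\n\r\n",
                cipher_suites=None,
                timeout=4.0,
                **kwargs):
     """Record target, TLS version, request, cipher suites and timeout.

     ``cipher_suites`` defaults to a freshly built
     ``[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]`` list when left as None.
     ``tls_version`` defaults to 'TLS_1_1', which RFC 8996 deprecates.
     Other keyword arguments are handed to ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kwargs)
     self.target = target
     self.tls_version = tls_version
     self.request = request
     # The default list is created here, not in the signature: a mutable
     # default would be one shared object across all instances.
     self.cipher_suites = (
         [TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]
         if cipher_suites is None else cipher_suites
     )
     self.timeout = timeout
     self.tlssock = None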
Beispiel #16
 def parse_args(self, store=None, joker=None, dir=None, ip=None, sport=None, serve_one=False, **kargs):  # noqa: E501
     """Store the server settings, pick a transfer id and bind it to TFTP.

     ``store`` defaults to a new empty dict.  ``dir``, when given, is made
     absolute and terminated with a path separator.  ``self.my_tid`` is
     ``sport`` when truthy, otherwise a random port in 10000..65500.
     """
     Automaton.parse_args(self, **kargs)
     self.store = {} if store is None else store
     # NOTE(review): the trailing separator presumably lets later code
     # compare requested paths against this prefix without also matching
     # sibling directories - confirm where self.dir is consumed.
     self.dir = None if dir is None else os.path.join(os.path.abspath(dir), "")
     self.joker = joker
     self.ip = ip
     self.sport = sport
     self.serve_one = serve_one
     tid = self.sport
     if not tid:
         tid = random.randint(10000, 65500)
     self.my_tid = tid
     # Have UDP traffic to this port treated as TFTP.
     bind_bottom_up(UDP, TFTP, dport=self.my_tid)
Beispiel #17
 def parse_args(self, store=None, joker=None, dir=None, ip=None, sport=None, serve_one=False, **kargs):  # noqa: E501
     """Record the serving options and bind the chosen port to TFTP.

     A missing ``store`` becomes an empty dict; a given ``dir`` is stored
     as an absolute path ending in a separator, otherwise as None.  The
     transfer id is ``sport`` if truthy, else ``random.randint(10000,
     65500)``.
     """
     Automaton.parse_args(self, **kargs)

     if dir is None:
         serve_root = None
     else:
         # NOTE(review): the trailing separator looks intended for later
         # prefix checks on requested paths - confirm against the reader
         # of self.dir.
         serve_root = os.path.join(os.path.abspath(dir), "")
     self.dir = serve_root

     self.store = store if store is not None else {}
     self.joker, self.ip = joker, ip
     self.sport, self.serve_one = sport, serve_one

     self.my_tid = self.sport if self.sport else random.randint(10000, 65500)
     bind_bottom_up(UDP, TFTP, dport=self.my_tid)
Beispiel #18
 def run(self, *args, **kwargs):
     """Swap condition functions for their hookable wrappers, then run.

     Every function listed in ``self.conditions`` that has a ``wrapper_f``
     attribute is replaced by that attribute; functions without one are
     kept unchanged.  The call is then delegated to ``Automaton.run`` with
     the caller's arguments.
     """
     for state in self.conditions:
         patched = []
         for cond in self.conditions[state]:
             patched.append(getattr(cond, 'wrapper_f', cond))
         self.conditions[state] = patched
     return Automaton.run(self, *args, **kwargs)
 def run(self, *args, **kwargs):
     """Point the condition map at hookable wrappers and start the run.

     For each state in ``self.conditions`` the list of condition functions
     is rebuilt, using a function's ``wrapper_f`` attribute where it exists
     and the function itself otherwise.  Returns whatever
     ``Automaton.run`` returns.
     """
     def hookable(func):
         # Fall back to the plain function when no wrapper is attached.
         return getattr(func, 'wrapper_f', func)

     for state in self.conditions:
         self.conditions[state] = list(map(hookable, self.conditions[state]))
     return Automaton.run(self, *args, **kwargs)
Beispiel #20
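    def parse_args(self, sender, receiver, n_bits, payloads, win, Q_3_2, Q_3_3,
                   Q_3_4, **kwargs):
        """Initialize the sender automaton's window and queue state.

        Args:
            sender: Stored as ``self.sender``.
            receiver: Stored as ``self.receiver``.
            n_bits: Exponent bounding the window; ``win`` must be below
                ``2**n_bits``.
            payloads: Iterable whose items are queued in ``self.q``.
            win: Sender window, also the initial ``self.receiver_win``.
            Q_3_2: Stored as ``self.Q_3_2``.
            Q_3_3: Stored as ``self.SACK``.
            Q_3_4: When truthy, congestion-window state is initialised.
            **kwargs: Forwarded to ``Automaton.parse_args``.

        Raises:
            AssertionError: If ``win`` is not smaller than ``2**n_bits``.
        """
        Automaton.parse_args(self, **kwargs)
        self.win = win
        self.n_bits = n_bits
        # Explicit raise instead of ``assert`` so the bound is still checked
        # when Python runs with -O; the exception type is unchanged.
        if not self.win < 2**self.n_bits:
            raise AssertionError("win must be smaller than 2**n_bits")
        self.receiver = receiver
        self.sender = sender
        self.q = que.Queue()
        for item in payloads:
            self.q.put(item)

        # Sender buffer
        self.buffer = OrderedDict()
        # The current packet of the SEND status.
        self.current = 0
        # The smallest packet waiting to be ack'ed
        self.unack = 0
        self.receiver_win = win
        self.Q_3_2 = Q_3_2
        self.SACK = Q_3_3
        self.Q_3_4 = Q_3_4
        self.retransmit_flag = False

        # Bonus
        if self.Q_3_4:
            self.CWND_fp = 1.0
            self.CWND = math.floor(self.CWND_fp)
            self.ssthresh = math.inf
            # History of CWND_fp values, starting with the initial one.
            self.CWND_data = [self.CWND_fp]
            log.debug("Initialize CWND: %s. ", self.CWND_data)
        else:
            # No CWND, it is neutralized by setting equal to the sender window
            self.CWND = self.win
        self.effective_window = min(self.CWND, self.win, self.receiver_win)
        # header length
        self.hlen = 6
        # to indicate if the retransmission is being done because of a timeout
        self.timeout_hanjing = False
        # to indicate if the retransmission is being done because of
        # duplicate ACK packets
        self.dup_ack_hanjing = False
        # list tracking duplicated acks
        self.dup_ack = []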
Beispiel #21
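    def parse_args(self, server="127.0.0.1", dport=4433,
                   server_name=None, mycert=None, mykey=None,
                   client_hello=None, data=None, **kargs):
        """Work out the remote address and clear the client's working state.

        ``server`` may be a literal address or a host name.  For a host name
        the FQDN is stored as ``self.remote_name`` (and resolved again when
        it differs from ``server``); a truthy ``server_name`` overrides it.
        ``mycert``/``mykey`` are loaded through ``Cert``/``PrivKey`` only when
        both are given.  Other keyword arguments go to
        ``Automaton.parse_args``.
        """
        Automaton.parse_args(self, **kargs)

        # Resolved outside the try block: a failure here reaches the caller.
        tmp = socket.getaddrinfo(server, dport)
        self.remote_name = None
        try:
            if ':' in server:
                socket.inet_pton(socket.AF_INET6, server)
            else:
                socket.inet_pton(socket.AF_INET, server)
        except Exception:
            # ``server`` is not a literal address.  A bare ``except:`` would
            # also trap KeyboardInterrupt and SystemExit, hence Exception.
            self.remote_name = socket.getfqdn(server)
            if self.remote_name != server:
                tmp = socket.getaddrinfo(self.remote_name, dport)

        if server_name:
            self.remote_name = server_name
        self.remote_family = tmp[0][0]
        self.remote_ip = tmp[0][4][0]  # host part of the first sockaddr
        self.remote_port = dport
        self.local_ip = None
        self.local_port = None

        # Per-connection state, reset on every parse.
        self.cur_pkt = None
        self.cur_session = None
        self.msg_list = []
        self.remain = ""
        self.socket = None
        self.cert_req = None

        self.client_hello = client_hello
        self.data = data

        if mycert and mykey:
            self.mycert = Cert(mycert)
            self.mykey = PrivKey(mykey)
        else:
            self.mycert = None
            self.mykey = None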
Beispiel #22
 def parse_args(self, ip=None, sport=None, *args, **kargs):
     """Record the optional ``ip`` and ``sport`` settings.

     Remaining positional and keyword arguments are forwarded unchanged to
     ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, *args, **kargs)
     self.ip, self.sport = ip, sport
Beispiel #23
 def parse_args(self, filename, server, sport=None, port=69, **kargs):
     """Keep the requested file name and the endpoint settings.

     ``port`` defaults to 69, the well-known TFTP port.  Extra keyword
     arguments are forwarded to ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kargs)
     self.filename, self.server = filename, server
     self.port, self.sport = port, sport
Beispiel #24
 def parse_args(self, filename, server, sport=None, port=69, **kargs):
     """Store file name, server, remote port and optional source port.

     Unrecognised keyword arguments are passed on to
     ``Automaton.parse_args``.
     """
     Automaton.parse_args(self, **kargs)
     # Remote endpoint first, then what to ask it for.
     self.server = server
     self.port = port
     self.sport = sport
     self.filename = filename
Beispiel #25
 def parse_args(self, ip=None, sport=None, *args, **kargs):
     """Store ``ip`` and ``sport`` after delegating the other arguments.

     Everything besides ``ip`` and ``sport`` is handed to
     ``Automaton.parse_args`` as received.
     """
     Automaton.parse_args(self, *args, **kargs)
     self.sport = sport
     self.ip = ip