def parse_args(self,
server="127.0.0.1",
dport=4433,
server_name=None,
mycert=None,
mykey=None,
client_hello=None,
version=None,
data=None,
**kargs):
super(TLSClientAutomaton, self).parse_args(mycert=mycert,
mykey=mykey,
**kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
socket.inet_pton(socket.AF_INET6, server)
else:
socket.inet_pton(socket.AF_INET, server)
except:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.socket = None
self.client_hello = client_hello
self.advertised_tls_version = None
if version:
v = _tls_version_options.get(version, None)
if not v:
self.vprint("Unrecognized TLS version option.")
else:
self.advertised_tls_version = v
self.linebreak = False
if isinstance(data, str):
self.data_to_send = [data]
elif isinstance(data, list):
# parse_args is called two times, this is why we have to copy
# the data list for reversing it afterwards...
self.data_to_send = list(data)
self.data_to_send.reverse()
else:
self.data_to_send = []
def parse_args(self,
server="127.0.0.1",
dport=4433,
server_name=None,
mycert=None,
mykey=None,
client_hello=None,
version=None,
data=None,
**kargs):
super(TLSClientAutomaton, self).parse_args(mycert=mycert,
mykey=mykey,
**kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
inet_pton(socket.AF_INET6, server)
else:
inet_pton(socket.AF_INET, server)
except:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.socket = None
self.client_hello = client_hello
self.advertised_tls_version = None
if version:
v = _tls_version_options.get(version, None)
if not v:
self.vprint("Unrecognized TLS version option.")
else:
self.advertised_tls_version = v
self.linebreak = False
if isinstance(data, bytes):
self.data_to_send = [data]
elif isinstance(data, six.string_types):
self.data_to_send = [raw(data)]
elif isinstance(data, list):
self.data_to_send = list(raw(d) for d in reversed(data))
else:
self.data_to_send = []
def parse_args(self, server="127.0.0.1", dport=4433, server_name=None,
mycert=None, mykey=None,
client_hello=None, version=None,
data=None,
**kargs):
super(TLSClientAutomaton, self).parse_args(mycert=mycert,
mykey=mykey,
**kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
socket.inet_pton(socket.AF_INET6, server)
else:
socket.inet_pton(socket.AF_INET, server)
except:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.socket = None
self.client_hello = client_hello
self.advertised_tls_version = None
if version:
v = _tls_version_options.get(version, None)
if not v:
self.vprint("Unrecognized TLS version option.")
else:
self.advertised_tls_version = v
self.linebreak = False
if isinstance(data, str):
self.data_to_send = [data]
elif isinstance(data, list):
# parse_args is called two times, this is why we have to copy
# the data list for reversing it afterwards...
self.data_to_send = list(data)
self.data_to_send.reverse()
else:
self.data_to_send = []
def parse_args(self, server="127.0.0.1", dport=4433, server_name=None,
mycert=None, mykey=None,
client_hello=None, version=None,
data=None,
**kargs):
super(TLSClientAutomaton, self).parse_args(mycert=mycert,
mykey=mykey,
**kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
inet_pton(socket.AF_INET6, server)
else:
inet_pton(socket.AF_INET, server)
except:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.socket = None
self.client_hello = client_hello
self.advertised_tls_version = None
if version:
v = _tls_version_options.get(version, None)
if not v:
self.vprint("Unrecognized TLS version option.")
else:
self.advertised_tls_version = v
self.linebreak = False
if isinstance(data, bytes):
self.data_to_send = [data]
elif isinstance(data, six.string_types):
self.data_to_send = [raw(data)]
elif isinstance(data, list):
self.data_to_send = list(raw(d) for d in reversed(data))
else:
self.data_to_send = []
def parse_args(self,
server="127.0.0.1",
dport=4433,
server_name=None,
mycert=None,
mykey=None,
client_hello=None,
version=None,
data=None,
ciphersuite=None,
curve=None,
**kargs):
super(TLSClientAutomaton, self).parse_args(mycert=mycert,
mykey=mykey,
**kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
inet_pton(socket.AF_INET6, server)
else:
inet_pton(socket.AF_INET, server)
except Exception:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.socket = None
if (isinstance(client_hello, TLSClientHello)
or isinstance(client_hello, TLS13ClientHello)):
self.client_hello = client_hello
else:
self.client_hello = None
self.advertised_tls_version = None
if version:
v = _tls_version_options.get(version, None)
if not v:
self.vprint("Unrecognized TLS version option.")
else:
self.advertised_tls_version = v
self.linebreak = False
if isinstance(data, bytes):
self.data_to_send = [data]
elif isinstance(data, six.string_types):
self.data_to_send = [bytes_encode(data)]
elif isinstance(data, list):
self.data_to_send = list(bytes_encode(d) for d in reversed(data))
else:
self.data_to_send = []
self.curve = None
if self.advertised_tls_version == 0x0304:
self.ciphersuite = 0x1301
if ciphersuite is not None:
cs = int(ciphersuite, 16)
if cs in _tls_cipher_suites.keys():
self.ciphersuite = cs
if conf.crypto_valid_advanced:
# Default to x25519 if supported
self.curve = 29
else:
# Or secp256r1 otherwise
self.curve = 23
if curve is not None:
for (group_id, ng) in _tls_named_groups.items():
if ng == curve:
if curve == "x25519":
if conf.crypto_valid_advanced:
self.curve = group_id
else:
self.curve = group_id
) # noqa: E501
parser.add_argument("--no_pfs",
action="store_true",
help="Disable (EC)DHE exchange with PFS")
parser.add_argument("--ciphersuite", help="Ciphersuite preference")
parser.add_argument("--version", help="TLS Version", default="tls13")
args = parser.parse_args()
# By default, PFS is set
if args.no_pfs:
psk_mode = "psk_ke"
else:
psk_mode = "psk_dhe_ke"
v = _tls_version_options.get(args.version, None)
if not v:
sys.exit("Unrecognized TLS version option.")
if args.ciphersuite:
ciphers = int(args.ciphersuite, 16)
if ciphers not in list(range(0x1301, 0x1306)):
ch = TLSClientHello(ciphers=ciphers)
else:
ch = TLS13ClientHello(ciphers=ciphers)
else:
ch = None
t = TLSClientAutomaton(
client_hello=ch,
version=args.version,