def test_initKEXHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
initSAPacket = ikeParser.getIniatorSAPacket(ikePackets)
initKEX = ikeParser.getPayloadFromISAKMP(initSAPacket,ikeParser.ISAKMP_KEX_NAME)
initKEXHash = sha256(initKEX).hexdigest()
self.assertEqual(initKEXHash, TestStringMethods.initKEXHash)
def test_respKEXHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
respSAPacket = ikeParser.getResponderSAPacket(ikePackets)
respKEX = ikeParser.getPayloadFromISAKMP(respSAPacket,ikeParser.ISAKMP_KEX_NAME)
respKEXHash = sha256(respKEX).hexdigest()
self.assertEqual(respKEXHash, TestStringMethods.respKEXHash)
def test_initCookieHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
initSAPacket = ikeParser.getIniatorSAPacket(ikePackets)
initCookie = ikeParser.getCookieFromISAKMP(respSAPacket,False)
initCookieHash = sha256(initCookie).hexdigest()
self.assertEqual(initCookieHash, TestStringMethods.initCookieHash)
def test_respCookieHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
respSAPacket = ikeParser.getResponderSAPacket(ikePackets)
respCookie = ikeParser.getCookieFromISAKMP(respSAPacket, True)
respCookieHash = sha256(respCookie).hexdigest()
self.assertEqual(respCookieHash, TestStringMethods.respCookieHash)
def test_respIDHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
respSAPacket = ikeParser.getResponderSAPacket(ikePackets)
respID = ikeParser.getResponderIDFromRespPacket(respSAPacket)
respIDHash = sha256(respID).hexdigest()
self.assertEqual(respIDHash, TestStringMethods.respIDHash)
def test_SAPayloadHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
initSAPacket = ikeParser.getIniatorSAPacket(ikePackets)
SAPayload = ikeParser.getSAPayloadFromInitPacket(initSAPacket)
SAPayloadHash = sha256(SAPayload).hexdigest()
self.assertEqual(SAPayloadHash, TestStringMethods.SAPayloadHash)
def test_targetHash(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
respSAPacket = ikeParser.getResponderSAPacket(ikePackets)
targetHash = ikeParser.getRespHashfromPacket(respSAPacket)
hashTargetHash = sha256(targetHash).hexdigest()
self.assertEqual(hashTargetHash, TestStringMethods.hashTargetHash)
dhSecret = binascii.unhexlify(
"34B52971CD61F18048EE97D20DA488A4634125F300DC2D1F470BDBB68B989FB999A2721328084C165CBEBDCA0C08B516799132B8F647AE46BD2601028EC7E3954AAF612828826A031FF08B7AE4057CAE0ADB51453BAAE84691705E913BA95067B816385C37D2BD85701501F94A1AA27FFC20A9546EC9DEFF8A1CB33588819A55"
)
pcapPath = "pcaps/ikev1-psk-main-mode-incomplete.pcapng"
#pcapPath = "pcaps/ikev1-psk-aggressive-mode-simple.pcapng"
#dictPath = "dict/list-simple.txt"
dictPath = "dict/list.txt"
# idHex = ...||PayloadLength||IDType||ProtocolID||Port||IPAddress
idHex = "0800000c01000000c0a80064"
idPlainValue = binascii.unhexlify(idHex)
idLength = idHex.__len__()
if __name__ == '__main__':
packets = pcapReader.openPCAPFile(pcapPath)
if (packets.__len__() > 0):
initIP = str(ikeParser.getInitiatorIP(packets))
respIP = str(ikeParser.getResponderIP(packets))
initCookie = ikeParser.getCookieFromPackets(packets, False)
respCookie = ikeParser.getCookieFromPackets(packets, True)
initNonce = ikeParser.getISAKMPPayloadFromPackets(
packets, initIP, ikeParser.NONCE)
respNonce = ikeParser.getISAKMPPayloadFromPackets(
packets, respIP, ikeParser.NONCE)
initKEX = ikeParser.getISAKMPPayloadFromPackets(
packets, initIP, ikeParser.KEX)
respKEX = ikeParser.getISAKMPPayloadFromPackets(
def test_initSAPacket(self):
netPackets = pcapReader.openPCAPFile(pcapPath)
ikePackets = pcapReader.getISAKMPPackets(netPackets)
initSAPacket = ikeParser.getIniatorSAPacket(ikePackets)
initHash = sha256(raw(initSAPacket)).hexdigest()
self.assertEqual(initHash, TestStringMethods.initSAPacketHash)
return hexlify(byteStr)
def computeKeyFromValues(values):
# value-tuple: 0 = pskIR, 1 = nI, 2 = nR
return hmac.new(values[0], msg = values[1] + values[2], digestmod = hashlib.sha1).digest()
def computeHashRFromValues(values):
# value-tuple: 0 = k, 1 = gY, 2 = gX, 3 = ckyR, 4 = ckyI, 5 = SAI, 6 = IDR):
valueSum = values[1] + values[2] + values[3] + values[4]+ values[5] + values[6]
return hmac.new(values[0], valueSum, digestmod = hashlib.sha1).digest()
if __name__ == '__main__':
# 1. open pcap
packets = pcapReader.getISAKMPPackets(pcapReader.openPCAPFile(pcapPath))
# 2. get required values
initSAPacket = packets[0]
respSAPacket = packets[1]
nI = ikeParser.getPayloadFromISAKMP(initSAPacket, "ISAKMP_payload_Nonce")
nR = ikeParser.getPayloadFromISAKMP(respSAPacket, "ISAKMP_payload_Nonce")
gY = ikeParser.getPayloadFromISAKMP(respSAPacket, "ISAKMP_payload_KE")
gX = ikeParser.getPayloadFromISAKMP(initSAPacket, "ISAKMP_payload_KE")
ckyR = ikeParser.getCookieFromISAKMP(respSAPacket, True)
ckyI = ikeParser.getCookieFromISAKMP(respSAPacket, False)
SAI = ikeParser.getSAPayloadFromInitPacket(initSAPacket)
IDR = ikeParser.getResponderIDFromRespPacket(respSAPacket)
knownCiphertext = ikeParser.getPayloadFromISAKMP(respSAPacket, "ISAKMP_payload_Hash")
# 3. read dict line by line
