def INIT_TLS_SESSION(self):
self.cur_session = tlsSession(connection_end="client")
self.cur_session.client_certs = self.mycert
self.cur_session.client_key = self.mykey
v = self.advertised_tls_version
if v:
self.cur_session.advertised_tls_version = v
else:
default_version = self.cur_session.advertised_tls_version
self.advertised_tls_version = default_version
raise self.CONNECT()
def INIT_TLS_SESSION(self):
self.cur_session = tlsSession(connection_end="client")
self.cur_session.client_certs = self.mycert
self.cur_session.client_key = self.mykey
v = self.advertised_tls_version
if v:
self.cur_session.advertised_tls_version = v
else:
default_version = self.cur_session.advertised_tls_version
self.advertised_tls_version = default_version
raise self.CONNECT()
def INIT_TLS_SESSION(self):
"""
XXX We should offer the right key according to the client's suites. For
now server_rsa_key is only used for RSAkx, but we should try to replace
every server_key with both server_rsa_key and server_ecdsa_key.
"""
self.cur_session = tlsSession(connection_end="server")
self.cur_session.server_certs = [self.mycert]
self.cur_session.server_key = self.mykey
if isinstance(self.mykey, PrivKeyRSA):
self.cur_session.server_rsa_key = self.mykey
#elif isinstance(self.mykey, PrivKeyECDSA):
# self.cur_session.server_ecdsa_key = self.mykey
raise self.WAITING_CLIENTFLIGHT1()
def INIT_TLS_SESSION(self):
"""
XXX We should offer the right key according to the client's suites. For
now server_rsa_key is only used for RSAkx, but we should try to replace
every server_key with both server_rsa_key and server_ecdsa_key.
"""
self.cur_session = tlsSession(connection_end="server")
self.cur_session.server_certs = [self.mycert]
self.cur_session.server_key = self.mykey
if isinstance(self.mykey, PrivKeyRSA):
self.cur_session.server_rsa_key = self.mykey
#elif isinstance(self.mykey, PrivKeyECDSA):
# self.cur_session.server_ecdsa_key = self.mykey
raise self.WAITING_CLIENTFLIGHT1()
def INIT_TLS_SESSION(self):
self.cur_session = tlsSession(connection_end="client")
s = self.cur_session
s.client_certs = self.mycert
s.client_key = self.mykey
v = self.advertised_tls_version
if v:
s.advertised_tls_version = v
else:
default_version = s.advertised_tls_version
self.advertised_tls_version = default_version
if s.advertised_tls_version >= 0x0304:
if self.tls13_psk_secret:
s.tls13_psk_secret = binascii.unhexlify(self.tls13_psk_secret)
raise self.CONNECT()
def INIT_TLS_SESSION(self):
self.cur_session = tlsSession()
self.cur_session.client_certs = self.mycert
self.cur_session.client_key = self.mykey
raise self.CONNECT()
def INIT_TLS_SESSION(self):
self.cur_session = tlsSession(connection_end="client")
s = self.cur_session
s.client_certs = self.mycert
s.client_key = self.mykey
v = self.advertised_tls_version
if v:
s.advertised_tls_version = v
else:
default_version = s.advertised_tls_version
self.advertised_tls_version = default_version
if s.advertised_tls_version >= 0x0304:
# For out of band PSK, the PSK is given as an argument
# to the automaton
if self.tls13_psk_secret:
s.tls13_psk_secret = binascii.unhexlify(self.tls13_psk_secret)
# For resumed PSK, the PSK is computed from
if self.session_ticket_file_in:
with open(self.session_ticket_file_in, 'rb') as f:
resumed_ciphersuite_len = struct.unpack("B", f.read(1))[0]
s.tls13_ticket_ciphersuite = \
struct.unpack("!H", f.read(resumed_ciphersuite_len))[0]
ticket_nonce_len = struct.unpack("B", f.read(1))[0]
# XXX add client_session_nonce member in tlsSession
s.client_session_nonce = f.read(ticket_nonce_len)
client_ticket_age_len = struct.unpack("!H", f.read(2))[0]
tmp = f.read(client_ticket_age_len)
s.client_ticket_age = struct.unpack("!I", tmp)[0]
client_ticket_age_add_len = struct.unpack("!H",
f.read(2))[0]
tmp = f.read(client_ticket_age_add_len)
s.client_session_ticket_age_add = struct.unpack("!I",
tmp)[0]
ticket_len = struct.unpack("!H", f.read(2))[0]
s.client_session_ticket = f.read(ticket_len)
if self.resumption_master_secret:
if s.tls13_ticket_ciphersuite not in _tls_cipher_suites_cls: # noqa: E501
warning("Unknown cipher suite %d" %
s.tls13_ticket_ciphersuite) # noqa: E501
# we do not try to set a default nor stop the execution
else:
cs_cls = _tls_cipher_suites_cls[
s.tls13_ticket_ciphersuite] # noqa: E501
hkdf = TLS13_HKDF(cs_cls.hash_alg.name.lower())
hash_len = hkdf.hash.digest_size
s.tls13_psk_secret = hkdf.expand_label(
binascii.unhexlify(
self.resumption_master_secret), # noqa: E501
b"resumption",
s.client_session_nonce, # noqa: E501
hash_len)
raise self.CONNECT()
def decryptTLSStream(self):
"""
Generator function that decrypts an RDP stream that uses TLS.
"""
tpktParser = TPKTParser()
tls = None
clientRandom = None
serverRandom = None
currentTimeStamp = None
reconstructingRecord = False
savedRecord = None
savedPayload = b""
tlsKeyGenerated = False
for packet in self.packets:
ip = packet.getlayer(IP)
tcp = packet.getlayer(TCP)
if len(tcp.payload) == 0 or tcp.flags & TCPFlags.PSH == 0:
continue
currentTimeStamp = packet.time
currentSrc = ip.src
currentDst = ip.dst
# The first couple messages don't use TLS. Check if it's one of those messages and output it as is.
if hasattr(tcp, "load") and tpktParser.isTPKTPDU(tcp.load):
yield PCAPStream.output(tcp.load, currentTimeStamp, ip.src,
ip.dst)
continue
# Create the TLS session context.
if not tls:
tls = tlsSession(
ipsrc=ip.src,
ipdst=ip.dst,
sport=tcp.sport,
dport=tcp.dport,
connection_end="server",
)
if tls.ipsrc != ip.src:
tls = tls.mirror()
# Pass every TLS message through our own custom session so the state is kept properly
record = packet[TLS]
record = TLS(bytes(record), tls_session=tls)
for msg in record.msg:
if isinstance(msg, TLSClientHello):
clientRandom = pkcs_i2osp(msg.gmt_unix_time,
4) + msg.random_bytes
elif isinstance(msg, TLSServerHello):
serverRandom = pkcs_i2osp(msg.gmt_unix_time,
4) + msg.random_bytes
elif isinstance(msg, TLSNewSessionTicket):
# Session established, set master secret.
tls.rcs.derive_keys(
client_random=clientRandom,
server_random=serverRandom,
master_secret=self.masterSecret,
)
tls.wcs.derive_keys(
client_random=clientRandom,
server_random=serverRandom,
master_secret=self.masterSecret,
)
tlsKeyGenerated = True
elif isinstance(msg, TLSApplicationData):
yield PCAPStream.output(msg.data, currentTimeStamp, ip.src,
ip.dst)
def INIT_TLS_SESSION(self):
self.cur_session = tlsSession()
self.cur_session.client_certs = self.mycert
self.cur_session.client_key = self.mykey
raise self.CONNECT()
