Exemplo n.º 1
1
def client(sock_type, do_wrap, listen_addr):
    do_patch()  # we might be in a new process
    sock = socket.socket(AF_INET4_6, sock_type)
    if do_wrap:
        wrap = ssl.wrap_socket(sock, ciphers="NULL")
    else:
        wrap = sock
    wrap.connect(listen_addr)
    transfer_out(wrap)
    drops = transfer_in(wrap)
    wrap.shutdown(socket.SHUT_RDWR)
    wrap.close()
    return drops
Exemplo n.º 2
0
    def init_config(self, **args):
        """Initialize the package configuration according to the configuration file. Usually, this function should be
           called before other function calls. It reads the configuration files according to the given keywords list
           and initialize the DTLS environment.
           The acceptable keywords are: config, SK, CERT, TYPE, CACERT, CERT_REQS.
           Specifically, the keyword "config" sets the configuration file of the class.
           If arguments are passed to this function, the specified configuration file will be updated.

        :param args: dictionary of passed arguments.
        """
        if args.get('config', '') != '':
            self.dtls_cnf = os.path.expanduser(args['config'])
        if not os.path.isfile(self.dtls_cnf):
            raise IOError('configuration file \"' + self.dtls_cnf +
                          '\" doesn\'t exist or it is not a file.')
        self.config = self.utl.read_config(self.dtls_cnf, self.config)
        # Set run-time configuration which will overwrite the settings in configuration file.
        update = 0
        for key, value in self.config.iteritems():
            if args.get(key, '') != '' and args[key] is not None:
                self.config[key] = args[key]
                update += 1
        if update > 0:
            self.utl.update_config(self.dtls_cnf, self.config)
        # Backup configuration file
        self.utl.call('cp -f ' + self.dtls_cnf + ' ' + self.config['TYPE'] +
                      '.dtls.bck',
                      shell=True)
        do_patch()
Exemplo n.º 3
0
    def send_with_dtlslib(self, address):
        from os import path
        import ssl
        from logging import basicConfig, DEBUG
        basicConfig(level=DEBUG)  # set now for dtls import code
        from dtls import do_patch
        from dtls.wrapper import DtlsSocket
        import socket
        import os

        do_patch()
        ISSUER_CERTFILE_EC = os.path.join(
            os.path.dirname(__file__) or os.curdir, "certs", "ca-cert_ec.pem")
        cert_path = path.join(path.abspath(path.dirname(__file__)), "certs")
        s = DtlsSocket(
            socket.socket(socket.AF_INET, socket.SOCK_DGRAM),
            keyfile=None,
            certfile=None,
            #            cert_reqs=ssl.CERT_REQUIRED,
            ssl_version=ssl.PROTOCOL_DTLSv1_2,
            ca_certs=ISSUER_CERTFILE_EC,
            ciphers='ECDHE:EECDH',
            curves='prime256v1',
            sigalgs=None,
            user_mtu=None)
        s.connect(address)
        s.send('Hi there'.encode())
        print(s.recv().decode())
        s = s.unwrap()
        s.close()
Exemplo n.º 4
0
def main():
    do_patch()  # applies DTLS patches to openssl
    host = sys.argv[1]
    port = int(sys.argv[2])
    if check(host, port):
        print "Vulnerable!"
    else:
        print "Not vulnerable!"
Exemplo n.º 5
0
Arquivo: check.py Projeto: medlynx/new
def main():
    do_patch() # applies DTLS patches to openssl
    host = sys.argv[1]
    port = int(sys.argv[2])
    if check(host, port):
        print "Vulnerable!"
	f = open("BlueGate.txt", "a")
	f.write(sys.argv[1])
	f.write("\n")
	f.close()
    else:
        print "Not vulnerable!"
Exemplo n.º 6
0
def client(sock_type, do_wrap, listen_addr):
    do_patch()  # we might be in a new process
    sock = socket.socket(AF_INET4_6, sock_type)
    if do_wrap:
        wrap = ssl.wrap_socket(sock, ciphers="NULL")
    else:
        wrap = sock
    wrap.connect(listen_addr)
    transfer_out(wrap)
    drops = transfer_in(wrap)
    wrap.shutdown(socket.SHUT_RDWR)
    wrap.close()
    return drops
    def __init__(self,
                 request_handler,
                 connector,
                 address="0.0.0.0",
                 server_port=5682,
                 ssl_args=None,
                 *args,
                 **kw):
        """Initializes the CoAP server.

        :param request_handler: Handler called with generated RequestIndications
        :param connector: Base uri used to reach this server (coap://IP:PORT or
                         coaps://IP:PORT)
        :param address: IP listening to
        :param server_port: Port listening to
        :param ssl_args: contains two keywords: "keyfile" and "certfile"
                         containing paths to respective files, None for regular
                         CoAP
        """
        self.server_port = server_port
        self.connector = connector
        self.request_handler = request_handler
        self.subs = {}
        self.address = address
        if address == "::":
            self.__addresses = self._get_addresses(AF_INET6) | \
                               self._get_addresses(AF_INET)
            self._resolve_host = self._resolve_host_ipv6
        elif address in ("", "0.0.0.0"):
            self.__addresses = self._get_addresses(AF_INET)
        else:
            self.__addresses = get_iterable(address)

        do_patch()

        self.logger.debug("Starting Coap Server on %s:%s" %
                          (self.address, self.server_port))

        if ssl_args:
            self.server = DtlsServer((address, self.server_port),
                                     self.handle_request, **ssl_args)
        else:
            self.server = DatagramServer((address, self.server_port),
                                         self.handle_request)

        self.block1_pending_payload = {}
        self.block2_pending_payload = {}
        self.actual_requests = []
        self.req_queue = Queue.Queue()
        start_new_thread(self.request_runner, ())
Exemplo n.º 8
0
    def __init__(self, host, port):
        #print("server_key:"+pem_server_key)
        #print("ca_cert   :"+pem_server_key)
        #logger.debug("cert_chain   :"+cert_chain)
        #inicializacao do DTLS
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        #
        do_patch()
        self.sock = wrap_server(
            sock=self.sock,
            keyfile=caminho_serv_key,  #pem_server_key, 
            certfile=caminho_server_cert,  #pem_server_key)#,
            ca_certs=caminho_ca_cert,  #,
            ciphers="ECDHE+AESGCM")  #pem_server_key)

        #cert_reqs,
        #ssl_version,

        #,

        #do_handshake_on_connect,
        #suppress_ragged_eofs,
        #ciphers,
        #curves,
        #sigalgs,
        #user_mtu,
        #server_key_exchange_curve,
        #server_cert_options

        logger.debug("inicializou socket ssl")

        #self.sock.bind((host,port))
        self.sock.bind(host_address)
        self.sock.listen(0)
        logger.debug("fez o bind")

        self.server = CoAP((host, port), starting_mid=None, sock=self.sock)
        logger.debug("instanciou servidor")
        #CoAP.__init__(self, (host, port))
        self.server.add_resource('basic/', BasicResource())
        self.server.add_resource('teste', TesteResource())
        self.server.add_resource('sala/teste', TesteResource())
        self.server.add_resource('jardim/teste', TesteResource())
        logger.debug("adicionou recursos")
Exemplo n.º 9
0
#define TLS_ENCRYPTION "AES128-CCM-8"

#define TLS_CIPHER_SUITE TLS_AUTHENTICATION "-" TLS_ENCRYPTION

"""



# pip install Dtls


import ssl
from socket import socket, AF_INET, SOCK_DGRAM
from dtls import do_patch


do_patch()

# https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers
context = ssl.create_default_context()
context.set_ciphers('ECDHE-ECDSA-AES128-CCM8')

sock = socket(AF_INET, SOCK_DGRAM)
sslsock = ssl.wrap_socket(sock)
sslsock.connect(('omnireltest2.dev.cyanconnode.com', 5684))
sslsock.send('Hi there')




Exemplo n.º 10
0
 if args.server:
     start_client_manager(args.server)
 suites = {
     "Raw TCP": (socket.SOCK_STREAM, False),
     "Raw UDP": (socket.SOCK_DGRAM, False),
     "SSL (TCP)": (socket.SOCK_STREAM, True),
     "DTLS (UDP)": (socket.SOCK_DGRAM, True),
 }
 selector = {
     0: "Exit",
     1: "Raw TCP",
     2: "Raw UDP",
     3: "SSL (TCP)",
     4: "DTLS (UDP)",
 }
 do_patch()
 while True:
     print("\nSelect protocol:\n")
     for key in sorted(selector):
         print("\t" + str(key) + ": " + selector[key])
     try:
         choice = input("\nProtocol: ")
         choice = int(choice)
         if choice < 0 or choice >= len(selector):
             raise ValueError("Invalid selection input")
     except (ValueError, OverflowError):
         print("Invalid selection input")
         continue
     except EOFError:
         break
     if not choice:
Exemplo n.º 11
0
def main():
    do_patch() # applies DTLS patches to openssl
    host = sys.argv[1]
    port = int(sys.argv[2])
    dos(host, port)
Exemplo n.º 12
0
import threading

from ctypes import (
    c_char,
    c_char_p,
    c_int,
    c_uint,
    c_void_p,
    CFUNCTYPE,
    POINTER,
    memmove,
)

import dtls

dtls.do_patch()

_LOGGER = logging.getLogger(__name__)

SSL_CB_ALERT = 0x4000  # /* used in callback */

CLIENTPSKFUNC = CFUNCTYPE(
    c_uint,
    c_void_p,
    c_char_p,
    POINTER(c_char),
    c_uint,
    POINTER(c_char),
    c_uint,
)
SERVERPSKFUNC = CFUNCTYPE(c_uint, c_void_p, c_char_p, POINTER(c_char), c_uint)