This repository has been archived by the owner on Dec 6, 2023. It is now read-only.
test pull #103
Open
test pull #103
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These handler methods get a first pass at socket data before the consuming recv. These can be used to, for example, hook into libraries that read from sockets themselves or otherwise consume the data in the handler. This is the start of moving all the SSL MiTM code out of Connection and into SSL specific handlers as well as adding handlers dynamically. This change is pretty straightfoward except for the work to be done to support peek on mitm'd connections. pyOpenSSL does not support peek so we need to read into a buffer and read from that when peeking. This requires some pretty hacky code to keep select working correct on a connection where there is data remaning in the peek buffer as the underlying socket is no longer ready to be selected for reading (as it would be with real MSG_PEEK) so in that case we use a different fd for select that is always ready for reading.
Add peek_request and peek_response
1) tls.parse_tls now handles messages split over multiple records. If kwarg throw_on_incomplete is True then if more records are needed a tls.types.TlsMessageFragmentedError will be thrown, and if the record was incomplete a tls.types.TlsRecordIncompleteError will be thrown. 2) TlsRecord.to_bytes() will now split the wire representation into multiple TlsRecords if the size of the messages is greater than max_fragment_size (2**12). 3) Callers of the old parse_tls or TlsRecord.from_stream have been refactored to use the new method 4) Tests, :O
TlsRecordHandler handles buffering of TlsRecords in a connection, handlers that want to do things based on records (eithe passive or replacing records) can extend this class and implement on_tls_request and on_tls_response. In active TlsRecordHandlers these two methods return the _bytes_ to sent on the wire in the place of the provided record. This allows you to send completely different records, inject your own, or modify the incomin record arbitrarily.
This migration included a change to the Gradle build system and modifications to the project file structure. A summary of the changes in migrating from Eclipse ADT to Android Studio is described at: https://developer.android.com/tools/studio/eclipse-transition-guide.html
Migrate Android client project to Android Studio
Migrate Android test client project to Android Studio
Add a TLS Record base handler
Adds a reverse proxy mode whereby clients connect directly to the
reverse proxy, and the proxy forwards the connection to a target host
and port specified on the command line or config. For example:
$ python -m nogotofail.mitm -A invalidhostname \
--mode reverse --port 443 --serverssl server.crt \
--target_addr www.example.com --target_port 443
The reverse proxy mode makes it trivial to test a client that always
connects to a specific server port, as it doesn't require socks or
transparent proxy.
That said, the mode has some limitations. It cannot be used in cases
where the client needs to connect to multiple servers/ports. Also, it
doesn't rewrite HTTP headers, e.g. Host, so the values may be incorrect
when received by the real server, and when responses are received by the
client.
Target addr and port are required when using reverse mode. Print an error to stderr if they are omitted or incorrect and exit with 2, similar to what happens when the type of argument doesn't match.
There was a copy/paste error where if the client enabled EXPORT ciphers we would log the `integ_ciphers` from the previous check in the attack event. Change to `export_ciphers` instead.
Log the export ciphers in the attack event
|
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed, please reply here (e.g.
|
|
I signed it! Regards,
http://in.linkedin.com/pub/nikhil-george/30/b62/93a On Wed, May 18, 2016 at 10:28 PM, googlebot [email protected]
|
Nogotofail omitted the seconds portion of the notAfter date, which
causes openjdk 1.8 to fail to parse the string as a GeneralizedTime[1]:
java.io.IOException: Parse Generalized time, invalid offset
This can lead to false negatives in otherwise vulnerable SSL clients.
Since notBefore includes seconds, include them for notAfter for greater
compatibility. This affects both the selfsigned and invalidhostname
attacks.
[1] https://github.com/openjdk-mirror/jdk/blob/c5294eda494101e62dc4c0eaa946ebe9ce60cd6b/src/share/classes/sun/security/util/DerInputBuffer.java#L392-L396
Include seconds in notAfter date
Add reverse proxy mode
In the refactor of TLSHandlers the logic for splitting uneeded records out in on_response was done incorrect and so would add an entire copy of the TLS record for each message in the record before the ServerKeyExchange Fixes #107
Fix record building in serverkeyreplace
This switches the OpenVPN tunnel from Blowfish with SHA-1 HMAC to 128-bit AES with SHA-256 HMAC. Moreover, client configuration now requires that server certificate is permitted to be used for server authentication (as signalled by the certificate's Key Usage and Extended Key Usage extensions). This is to prevent one client of the server from being able to use its client certificate to MiTM other clients of the server. This is needed because in the current setup server and client certs are issued from the same CA.
Fix broken headings in Markdown files
|
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed, please reply here (e.g.
|
Due to poor variable naming old clients from the same IP address were not getting removed as designed. This also cleans up the blame server code a bit, which has been untouched since nogotofail was a prototype and enables pruning of old clients.
Harden OpenVPN configuration
This enables us to: * Abandon the floating client patch because floating is a standard feature in OpenVPN 2.4. * Switch from DHE to ECDHE for the TLS connection and avoid wasting large amounts of time during setup to generate 2048-bit DH parameters. * Switch data channel packet encryption/authentication from AES-CBC with SHA-256 HMAC to AES-GCM.
Upgrade to OpenVPN 2.4.2
Now that we switched to OpenVPN 2.4, we no longer need the client-side IPv6 blackholing trick. Remove!
grammar fix
Fix issue with ipv6 sockets and SO_ORIGINAL_DST
This is based on the private key = 1 with G = Q in a new group attack. The Q used was the public key of one of the trusted CAs who had an EC key. Test: Locally tested with Windows device with and without fixes deployed.
1) Move to sha256 to avoid sha1 deprecation 2) Fix date usage to avoid parse errors
Fix classname of ExplicitCurveMiTM
|
I signed it |
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.