Home Explore Help
Sign In
cbocovic
/
slitheen
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

modified proxy code to write hellos to file

cbocovic 8 years ago
parent
aaf56e91d9
commit
c55efda5eb
5 changed files with 64 additions and 15 deletions
Split View Show Diff Stats
  1. 2 2
      client/Makefile
  2. 6 6
      client/ptwist168.c
  3. 12 1
      client/rclient.c
  4. 6 6
      client/testget.c
  5. 38 0
      server/slitheen-proxy.c

+ 2 - 2
client/Makefile
View File 

@@ -6,8 +6,8 @@ all: $(TARGETS)
 
 
 rclient.o ptwist168.o testget.o:: ptwist.h
 
 
-testget: testget.o rclient.o ptwist168.o ptwist.h 
-	gcc -g -o $@ $^ -L../../../openssl/run/lib -lssl -lcrypto -ldl
 
+testget: testget.o rclient.o ptwist168.o ptwist.h
 
+	gcc -g -o $@ $^ -I/home/cbocovic/Documents/openssl/run/include/openssl libssl.a libcrypto.a -ldl
 
 
 clean:
 
 	-rm *.o

+ 6 - 6
client/ptwist168.c
View File 

@@ -104,19 +104,19 @@ typedef coord point[3];
 
 #include <stdio.h>
 
 #include <stdlib.h>
 
 
-static void dump_coord(const char *label, const coord c)
 
+/*static void dump_coord(const char *label, const coord c)
 
 {
 
     if (label) fprintf(stderr, "%s: ", label);
 
     printf("%016lx %016lx %016lx\n", c[2], c[1], c[0]);
 
-}
 
+}*/
 
 
-static void dump_point(const char *label, point p)
 
+/*static void dump_point(const char *label, point p)
 
 {
 
     if (label) fprintf(stderr, "%s:\n", label);
 
     dump_coord(" x", p[0]);
 
     dump_coord(" y", p[1]);
 
     dump_coord(" z", p[2]);
 
-}
 
+}*/
 
 
 /* Field element represented as a byte arrary.
 
  * 21*8 = 168 bits is also the group order size for the elliptic curve.  */
 
@@ -841,7 +841,7 @@ static void point_add(fslice x3[3], fslice y3[3], fslice z3[3],
 
 	select_conditional(z3, zout, z1, 3, z2_is_zero);
 
 	}
 
 
-static void affine(point P)
 
+/*static void affine(point P)
 
 {
 
     coord z1, z2, xin, yin;
 
     uint128_t tmp[7];
 
@@ -856,7 +856,7 @@ static void affine(point P)
 
     felem_contract(P[1], yin);
 
     memset(P[2], 0, sizeof(coord));
 
     P[2][0] = 1;
 
-}
 
+}*/
 
 
 static void affine_x(coord out, point P)
 
 {

+ 12 - 1
client/rclient.c
View File 

@@ -126,8 +126,9 @@ static void gen_tag(byte *tag, byte key[16],
 
 int tag_hello(unsigned char *target)
 
 {
 
     FILE *fp;
 
-    int res;
 
+    int res, i;
 
     byte *tag;
 
+	char output[PTWIST_TAG_BYTES+1];
 
 
     /* Create the generators */
 
     memset(maingen, 0, PTWIST_BYTES);
 
@@ -156,6 +157,16 @@ int tag_hello(unsigned char *target)
 
 	tag = target;
 
 
 	gen_tag(tag, key, (const byte *)"context", 7);
 
+    fp = fopen("tags", "wb");
 
+    if (fp == NULL) {
 
+		perror("fopen");
 
+		exit(1);
 
+    }
 
+	for(i=0; i< PTWIST_TAG_BYTES; i++){
 
+		fprintf(fp, "%02x ", tag[i]);
 
+	}
 
+	printf("\n");
 
+	fclose(fp);
 
 
     return 0;
 
 }

+ 6 - 6
client/testget.c
View File 

@@ -29,13 +29,13 @@ typedef struct {
 
 
 int tag_flow(SSL *s){
 
 	unsigned char *result;
 
-	int len, i;
 
+	int len;
 
 
 	result = s->s3->client_random;
 
 	len = sizeof(s->s3->client_random);
 
 
-	if(len > PTWIST_TAG_BYTES) {
 
-		printf("Uhoh");
 
+	if(len < PTWIST_TAG_BYTES) {
 
+		printf("Uhoh\n");
 
 		return 1;
 
 	}
 
 	tag_hello((byte *) result);
 
@@ -93,11 +93,11 @@ connection *sslConnect (void)
 
       // Register the available ciphers and digests
 
       SSL_library_init();
 
 
-      // New context saying we are a client, and using SSL 2 or 3
 
-      c->sslContext = SSL_CTX_new (SSLv23_client_method ());
 
+      // New context saying we are a client, and using TLSv1.2
 
+      c->sslContext = SSL_CTX_new (TLSv1_2_method());
 
 
 	  //Tag the client hello message with Telex tag
 
-	  SSL_CTX_set_client_hello_callback(c->sslContext, tag_hello);
 
+	  SSL_CTX_set_client_hello_callback(c->sslContext, tag_flow);
 
       if (c->sslContext == NULL)
 
         ERR_print_errors_fp (stderr);

+ 38 - 0
server/slitheen-proxy.c
View File 

@@ -3,18 +3,56 @@
 
 
 #define macaddr "08:00:27:e8:9d:d4"
 
 
+//Definitions for parsing packet data
 
+#define ETHER_ADDR_LEN 6
 
+#define ETHER_HDR_LEN  2*ETHER_ADDR_LEN + 2
 
+#define RECORD_HDR 5
 
+#define CLIENT_HELLO_HDR 4
 
+#define CLIENT_HELLO_RAND 32
 
+
 
 void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet);
 
 
+//TODO: look for slitheen tag. The ClientHello message starts at offset 0x4d of packet after TCP 3-way handshake and has flag [P.].
 
+//For now, write *all* clientHello msgs to a file
 
 void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet){
 
 	pcap_t *handle;
 
 	char errbuf[BUFSIZ];
 
 	char *writedev = args;
 
 	int i;
 
+	unsigned char *p;
 
+	FILE *fp;
 
 
 	handle = pcap_open_live(writedev, BUFSIZ, 1, 1000, errbuf);
 
 	if (handle == NULL){
 
 		fprintf(stderr, "Couldn't open device %s: %s\n", writedev, errbuf);
 
 	}
 
+	/* check for clientHello */
 
+	p = packet;
 
+	p += ETHER_HDR_LEN; //skip ethernet header
 
+	p += (p[0] & 0x0f)*4;	//skip IP header
 
+	p += 12; //skip first part of TCP header
 
+	p += (p[0] >> 4)*4 - 12; //skip rest of TCP header
 
+	//check for handshake message
 
+	if (p[0] == 0x16){
 
+		p += RECORD_HDR;
 
+		if (p[0] == 0x01){
 
+			p += CLIENT_HELLO_HDR;
 
+			p += 2; //dunno what these are
 
+			//now pointing to hello random :D
 
+			fp = fopen("tags", "wb");
 
+			if (fp == NULL) {
 
+				perror("fopen");
 
+				exit(1);
 
+			}
 
+			//Write ClientHello random nonce to file
 
+			for(i=0; i< 32; i++){
 
+				fprintf(fp, "%02x ", tag[i]);
 
+			}
 
+			printf("\n");
 
+			//fwrite(tag, CLIENT_HELLO_RAND, 1, fp);
 
+			fclose(fp);
 
+		}
 
+	}	
 
 	if((pcap_inject(handle, packet, header->len)) < 0 ){
 
 		fprintf(stderr, "Error: %s\n", pcap_geterr(handle));