0
Ich versuche HTTP/2 GET Anfrage über TLS 1.2 mit Scapy ssl-Bibliothek zu senden. Der Code ist unten angegeben. Ich bekomme keinen Fehler, aber die Webseite wird auch nicht empfangen. Bitte lassen Sie mich wissen, was die Probleme mit dem Code sind.Nicht in der Lage, HTTP/2 GET-Anfrage mit Scapy und Scapy SSL Bibliothek senden
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from __future__ import with_statement
from __future__ import print_function
import socket
import sys
try:
# This import works from the project directory
from scapy_ssl_tls.ssl_tls import *
except ImportError:
# If you installed this package via pip, you just need to execute this
from scapy.layers.ssl_tls import *
tls_version = TLSVersion.TLS_1_2
def tls_hello(sock):
client_hello = TLSRecord(version=tls_version)/TLSHandshake() /\
TLSClientHello(version=tls_version, compression_methods=[TLSCompressionMethod.NULL, ],
cipher_suites=[TLSCipherSuite.ECDHE_RSA_WITH_AES_128_CBC_SHA256, ], extensions=[TLSExtension()/
TLSExtALPN(protocol_name_list=[TLSALPNProtocol(data="h2"),
TLSALPNProtocol(data="h2-16"),
TLSALPNProtocol(data="h2-14"),
TLSALPNProtocol(data="http/1.1"),
])],)
# cipher_suites=[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA, ])
# cipher_suites=[TLSCipherSuite.RSA_WITH_RC4_128_SHA, ])
# cipher_suites=[TLSCipherSuite.DHE_RSA_WITH_AES_128_CBC_SHA, ])
# cipher_suites=[TLSCipherSuite.DHE_DSS_WITH_AES_128_CBC_SHA, ])
sock.sendall(client_hello)
server_hello = sock.recvall()
server_hello.show()
def tls_client_key_exchange(sock):
client_key_exchange = TLSRecord(version=tls_version)/TLSHandshake()/sock.tls_ctx.get_client_kex_data()
client_ccs = TLSRecord(version=tls_version)/TLSChangeCipherSpec()
sock.sendall(TLS.from_records([client_key_exchange, client_ccs]))
sock.sendall(to_raw(TLSFinished(), sock.tls_ctx))
server_finished = sock.recvall()
server_finished.show()
def tls_client(ip):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect(ip)
sock = TLSSocket(sock, client=True)
print("Connected to server: %s" % (ip,))
except socket.timeout:
print("Failed to open connection to server: %s" % (ip,), file=sys.stderr)
else:
tls_hello(sock)
tls_client_key_exchange(sock)
print("Finished handshake. Sending application data (GET request)")
print("+++++++++++++++++")
sock.sendall(to_raw(TLSPlaintext(data="PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"), sock.tls_ctx))
#sock.sendall(to_raw(TLSPlaintext(data="GET/HTTP/1.1\r\nHOST: localhost\r\n\r\n"), sock.tls_ctx))
print("+++++++++++++++++")
resp = sock.recvall()
print("Got response from server")
resp.show()
print(sock.tls_ctx)
finally:
sock.close()
if __name__ == "__main__":
if len(sys.argv) > 2:
server = (sys.argv[1], int(sys.argv[2]))
else:
server = ("127.0.0.1", 443)
tls_client(server)
Die Ausgabe, die ich erhalte ist:
Connected to server: ('127.0.0.1', 443)
###[ SSL/TLS ]###
\records \
|###[ TLS Record ]###
| content_type= handshake
| version = TLS_1_2
| length = 0x55
|###[ TLS Handshake ]###
| type = server_hello
| length = 0x51
|###[ TLS Server Hello ]###
| version = TLS_1_2
| gmt_unix_time= 1964528416
| random_bytes= '\xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X'
| session_id_length= 0x20
| session_id= '\x93\xfd\x95\xbc\x1d68w\x19{8\x83dz\xb4\\r\x81\xb7&\xb5\x14\x1d\xfc<fR\x00\xe7\xd3{\x90'
| cipher_suite= ECDHE_RSA_WITH_AES_128_CBC_SHA256
| compression_method= NULL
| extensions_length= 0x9
| \extensions\
| |###[ TLS Extension ]###
| | type = application_layer_protocol_negotiation
| | length = 0x5
| |###[ TLS Extension Application-Layer Protocol Negotiation ]###
| | length = 0x3
| | \protocol_name_list\
| | |###[ TLS ALPN Protocol ]###
| | | length = 0x2
| | | data = 'h2'
|###[ TLS Record ]###
| content_type= handshake
| version = TLS_1_2
| length = 0x41f
|###[ TLS Handshake ]###
| type = certificate
| length = 0x41b
|###[ TLS Certificate List ]###
| length = 0x418
| \certificates\
| |###[ TLS Certificate ]###
| | length = 0x415
| | \data \
| | |###[ Raw ]###
| | | load = '0\x82\x04\x110\x82\x02\xf9\xa0\x03\x02\x01\x02\x02\t\x00\xf6\x7f)\x04Yq\x7f\x830\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000\x81\x9e1\x0b0\t\x06\x03U\x04\x06\x13\x02IN1\x170\x15\x06\x03U\x04\x08\x0c\x0eMadhya-Pradesh1\x0f0\r\x06\x03U\x04\x07\x0c\x06Indore1\x130\x11\x06\x03U\x04\n\x0c\nIIT Indore1\r0\x0b\x06\x03U\x04\x0b\x0c\x04DCSE1\x180\x16\x06\x03U\x04\x03\x0c\x0fhttp2.nikhil.me1\'0%\x06\t*\x86H\x86\xf7\r\x01\t\x01\x16\[email protected]\x1e\x17\r170403070657Z\x17\r200402070657Z0\x81\x9e1\x0b0\t\x06\x03U\x04\x06\x13\x02IN1\x170\x15\x06\x03U\x04\x08\x0c\x0eMadhya-Pradesh1\x0f0\r\x06\x03U\x04\x07\x0c\x06Indore1\x130\x11\x06\x03U\x04\n\x0c\nIIT Indore1\r0\x0b\x06\x03U\x04\x0b\x0c\x04DCSE1\x180\x16\x06\x03U\x04\x03\x0c\x0fhttp2.nikhil.me1\'0%\x06\t*\x86H\x86\xf7\r\x01\t\x01\x16\[email protected]\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe1\xc3\x9cN\xc7gDz\xces\xca\'F&\x17\xcb\xe8e\xea\xdd_\x07\x9a\xab\xbf\xc6$\xfe\xf7\x84\x9d\x97|H\xdd3\xfdi\xbf\x17\xfe\x92\xad\x99..q\x97\x00\xcf\xad\xbcd\xe1j\x9e\x9b\xbcq\r\xd2~ \x98\xc8\x8c\x11\xdc\xd3G\x8e\x19b\x98\xde\xff\x13\xae{\xf4\x86\x99\xda\xb3(\\\xad\xd4B\x89\xb1\xdf?\x02\x04P\xe3\xe5\xe4\xa3\x13\xae>\x1e\xff\x18\x12\xd2x\x05\xa8\x88\xffY\xad\xbb\xfc\x95\x06|\xda\x8du&\xe6\'\xdd\xe3bY\xbd\x00\x9c\x14\xb6Kf\xbfu\x96\x87B\x80\x11\xe5d\x90\x0f\x05\x8f,\x95:1\xc1p[\x17\xe7c\x17{+\xc1\x03w\x87\xc1\xc2\x07\x9a<\x96\xa1\x9e\xa2e\xa5Rs\x88x\xd8m\xed\xa4h\xba\x83\xf9m\xd6H\xe0\xf4\x19\x97\xces\xe1\x04\x97\x1ae\xffV\xe6|\xdfV\xd5Q!Z6\xa0\x19C\xe5\xfd\n\xb5P\x9ch\x992\xf8\xce\x85\x15\xb1<\xd2\x95\x06\xa9\x9a\xdf\xa8\xef\x0e2\xa55\xb1Y\x19\x06\xb2y<\xea37e\x02\x03\x01\x00\x01\xa3P0N0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x149\xfe=n\x15\xa9P\xc5\xd4\x07\x8bF5\xa8\x05N\x0e\xa4\xf6\xa20\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x149\xfe=n\x15\xa9P\xc5\xd4\x07\x8bF5\xa8\x05N\x0e\xa4\xf6\xa20\x0c\x06\x03U\x1d\x13\x04\x050\x03\x01\x01\xff0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\xbck\x1c\xfb\xc9\xac]\x04\x12b\xc5\xf4!~\xb7\xc6\xa6Q[\x00S\xf2\xb1\xbe\xa1\x8fv\xb0\x90\[email protected]\x10m<1\xe2\x9c\xf0\x1c\x922|\xde\x02?(#\xee{\xca\xc0\xc1\xe0\x88\xde6\x18,P\xa5\\\xb7\xa8\xa4\x80\xd6w\xc4\x99\xea:\xcf8\xd6\xbd(\xf2\xd7\x85j\x9f\xf7\x7f8\xd8\xcb\xf5?aIM\x97\x988\xe3\xe8t\xf4\x14\x95\xdeI\xc4\xce0\x9c\xbe\xdc7\x1d\xd6<OT\x811\xc2\x9f\xee\x7f{\xd5hJ\x0f\xa6\x8f\xe6\x7f\x18\xcd\x1f\\/\xa2&\xff\x83ee-\x83\x81\xb6\xbe\x05\xd23\xee\xf6\xae\x8e\x8fr\x80\xa0wai\x14Q\xa9\x85\[email protected]\xa6\x11(\x12(\xf9t\xdc& v\x7fw\xab\xc7\xda\xcfOU\x08\xa8\xcf^\xc0z\xfao=I"\x9e<*[\r\t\xc5}\xe3\t\x07\xf07\xd7\xc3\xf7\x1d\xa55\x00w\xdc=\xf0\xae\xec|\xc1\x97\x00\xa4\x9a\xf5e\x05\x92D\x1bl\xa7\xda\xf5\x80*\x96\xfe"J\x9c:\xdb(u\xaf5\x0b\x1cq'
|###[ TLS Record ]###
| content_type= handshake
| version = TLS_1_2
| length = 0x14d
|###[ TLS Handshake ]###
| type = server_key_exchange
| length = 0x149
|###[ TLS Server Key Exchange ]###
|###[ TLS EC Diffie-Hellman Server Params ]###
| curve_type= named_curve
| curve_name= secp256r1
| p_length = 0x41
| p = '\x04\xa8\x11\x0e\x90\x03\xf2\xc3~{=\x8dN\xd4\x1a6bZc0\xac\x02\xc8+\xe09\xaf\x83CO\xa4Z\x99\xc2h\x84\xc0\xb0\xd95Ogp\x949\xcb\xfc/E\tF\x99\xa5\x11\xd8\xb0+\xfd\xa4\xfb\x0c\x01h\xcb1'
| hash_type = sha1
| sig_type = rsa
| sig_length= 0x100
| sig = "C}\x0f\x02\xf0\xd2\xf1\x91\x01\xae`Gy\\\xf4'\xba\\\x1f\xd8\xbc\xd0\xca\x9e\xff\x9d\xb4\x83t\xdai/IP\xc7\xa0\x9b'\xcc{\xec[\xc7W\x1d\xb0\xd9\x11\xbb\xb8R\xad\xf0\xf6\xcaA{t\x18o/\x8e\xf6\x86\xba2C\xfe`j\xc9=\xd0w\xfbx\xaa\xa6S\x9b\xf8\x80\xf0\x16\xf8\xc1E\xbf\xba\xe1j\xbd\x03u_x}\xae\x86\x7f,U\xf9\xf0\\f\xef\xa5\xa7\xa3\xca`6\x93kH\xfe\xedy\xfc\xb2\xd7\xec\\\x9eg\xc8Ae\x125\xb4\xb1\xa0)\xbd\xc5\[email protected]\xee\xcc;3rk\xdey\x81%\x014GH\x9fU\xa1&\x14\x9d\x81<Zu\x95\x14I\xbaEY\xac(\x08nea)\x12\x0fo\xc4\xde\xc2D\x16XA\xcb\x08\x8b\xe0\xebe\x0b\xbb\xfe\xe8\xd7j\xecT\x8a\xbe\xd7V\x8by\x01\xd9\xce\x11\x02\xd1\xa3\xf3\x14\x9a=\xe0\xbf\xe3\xc8=\x0f\xce\x9a\xc2\xb2\x85\x1a\x16y#[+y\xefq\xb3?\x8f=}\x91\xc9\x06\xe0[\xce;\x92n_\x91\xb9m^"
|###[ TLS Record ]###
| content_type= handshake
| version = TLS_1_2
| length = 0x4
|###[ TLS Handshake ]###
| type = server_hello_done
| length = 0x0
###[ SSL/TLS ]###
\records \
|###[ TLS Record ]###
| content_type= change_cipher_spec
| version = TLS_1_2
| length = 0x1
|###[ TLS ChangeCipherSpec ]###
| message = '\x01'
|###[ TLS Record ]###
| content_type= handshake
| version = TLS_1_2
| length = 0x50
|###[ TLS Handshake ]###
| type = finished
| length = 0xc
| explicit_iv= 'g\xb2N\xb3y,\xa9\n\xc6\x9d\xc7m\xc9\xe5\x11['
| mac = '\xdaw0\x9fF\xd3\xa7?P\xf26\xa5\xb8`A\x90p\x07G\xfa\x92\xe2\x86\x98\x02\x94G\xc0\x90\xe2\xc2\xd2'
| padding = '\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f'
| padding_len= 0xf
|###[ TLS Handshake Finished ]###
| data = '\x87\x1f!\xc7\x177&\xd7\xcb\x1b$\x00'
|###[ TLS Record ]###
| content_type= application_data
| version = TLS_1_2
| length = 0x60
|###[ TLS Plaintext ]###
| data = '\x00\x00\x1a\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0cUnknown error code'
| explicit_iv= '\xac3`\x01\xcdF3\x1b\x98H\xcc\xe2\xb6\x97\xa1\xca'
| mac = '\xf8l5\xab\x044>\xd4\x17F\xba\xe0\xff:\xbf\xed\xcbf \xcf\x1f\xd0\xb8\xc2\xd5\xec\x05\xc2e\x01\xcd_'
| padding = '\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c'
| padding_len= 0xc
|###[ TLS Record ]###
| content_type= alert
| version = TLS_1_2
| length = 0x40
|###[ TLS Alert ]###
| level = warning
| description= close_notify
| explicit_iv= '\x89\r\xf5\xbe,R\x0e8\xad5c\x05\x99\xea\xeb\x80'
| mac = 'c\xef\x08\xbfI\xf5\x85E\xd9\xb8\xa5C\[email protected]\xdc\xf6\x96\x03\xdb\xb4\x0b\xb7\x04\x84?\x80R\xa8\xfd\xaa\x16\x99'
| padding = '\r\r\r\r\r\r\r\r\r\r\r\r\r'
| padding_len= 0xd
Finished handshake. Sending application data (GET request)
+++++++++++++++++
+++++++++++++++++
Got response from server
###[ SSL/TLS ]###
\records \
<TLSSessionCtx: id=140259983147536
params.handshake.client=<TLSClientHello version=TLS_1_2 cipher_suites=['ECDHE_RSA_WITH_AES_128_CBC_SHA256'] compression_methods=['NULL'] extensions=[<TLSExtension type=application_layer_protocol_negotiation |<TLSExtALPN protocol_name_list=[<TLSALPNProtocol data='h2' |>, <TLSALPNProtocol data='h2-16' |>, <TLSALPNProtocol data='h2-14' |>, <TLSALPNProtocol data='http/1.1' |>] |>>] |>
params.handshake.server=<TLSServerHello version=TLS_1_2 gmt_unix_time=1964528416 random_bytes='\xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X' session_id_length=0x20 session_id='\x93\xfd\x95\xbc\x1d68w\x19{8\x83dz\xb4\\r\x81\xb7&\xb5\x14\x1d\xfc<fR\x00\xe7\xd3{\x90' cipher_suite=ECDHE_RSA_WITH_AES_128_CBC_SHA256 compression_method=NULL extensions_length=0x9 extensions=[<TLSExtension type=application_layer_protocol_negotiation length=0x5 |<TLSExtALPN length=0x3 protocol_name_list=[<TLSALPNProtocol length=0x2 data='h2' |>] |>>] |>
params.negotiated.version=TLS_1_2
params.negotiated.ciphersuite=ECDHE_RSA_WITH_AES_128_CBC_SHA256
params.negotiated.key_exchange=ECDHE
params.negotiated.encryption=('AES', 16, 'CBC')
params.negotiated.mac=SHA256
params.negotiated.compression=NULL
crypto.client.enc=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13062d8>
crypto.client.dec=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13063b0>
crypto.server.enc=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13063f8>
crypto.server.dec=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d1306440>
crypto.client.rsa.privkey=None
crypto.client.rsa.pubkey=None
crypto.server.rsa.privkey=None
crypto.server.rsa.pubkey=<_RSAobj @0x7f90d13464d0 n(2048),e>
crypto.client.dsa.privkey=None
crypto.client.dsa.pubkey=None
crypto.server.dsa.privkey=None
crypto.server.dsa.pubkey=None
crypto.client.dh.x=None
crypto.client.dh.y_c=None
crypto.server.dh.p=None
crypto.server.dh.g=None
crypto.server.dh.x=None
crypto.server.dh.y_s=None
crypto.client.ecdh.curve_name=None
crypto.client.ecdh.priv='\x9d\xa1\xc1)\xc7g\xcf+\xc1U\xffd\x0f\xd13\xf3G0\xb3>\x83\x8b1V\xa19S\xac\xb4\xe8\x18_'
crypto.client.ecdh.pub=(55660150079706264549060731250077677621567952543805917063205824042726931277737, 96171213429541138775191303156783500559576917020503549099364694827291830154118) on "secp256r1" => y^2 = x^3 + 115792089210356248762697446949407573530086143415290314195533631308867097853948x + 41058363725152142129326129780047268409114441015993725554835256314039467401291 (mod 115792089210356248762697446949407573530086143415290314195533631308867097853951)
crypto.server.ecdh.curve_name='secp256r1'
crypto.server.ecdh.priv=None
crypto.server.ecdh.pub=(76018695469186964965485429908810690080098805676135269709416857701937687321241, 87933360945342485384088790667444373602059838780977372442846636781953482279729) on "secp256r1" => y^2 = x^3 + 115792089210356248762697446949407573530086143415290314195533631308867097853948x + 41058363725152142129326129780047268409114441015993725554835256314039467401291 (mod 115792089210356248762697446949407573530086143415290314195533631308867097853951)
crypto.session.encrypted_premaster_secret=None
crypto.session.premaster_secret='\x8e\xd6\xf6\xe0)\x03\x07pd\x15OvRT\xa7\x1f\x1d\xe0|k\x13\xaa\xc3\xf7_>\xa9X\x08\xe3\xaa\x98'
crypto.session.master_secret='\x02\x91N\x90\xcc\xe7\xda\\\xf7!\x82\x9e\[email protected]\x07\xdfJM\x98\xcen_78\x1e\xf8\xdfo`\xc4\xde\x82\x9dw\x1c\xcb\xcf\xa8>\xe0\xe2\xc7\xbc\x84F'
crypto.session.randombytes.client='X\xea!\xf6\xe7S\xd8\xa6\xb9\x97\xd1nt\x96\x0e|W\xe9\xe2\xf4\xb95/F=D5\xcbu\x02r\x00'
crypto.session.randombytes.server='u\x18S \xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X'
crypto.session.key.client.mac='\x9d\xd7~\x9e\xd8\x89\x9b\x19\x0fN\xcb\xf3\xe3H\x08\xdfj\xe3h\xdaZ,\x1d\x08\xf8\xa3<\xe0!\xeb=\x85'
crypto.session.key.client.encryption='\xe2Z\xdf\\/\x18~\xd2\xc2G\xe6\xc9\x916.}'
crypto.session.key.cllient.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
crypto.session.key.server.mac='\x90\x83^ ]\x8d\xef\x06\xae\xed\x1an\xe2\x15\x9c4\xb8\x8d\xc4>g\xc4\xcdXU\xe7\xc3\xa9yvQ\x87'
crypto.session.key.server.encryption='\xaf\xb76E\[email protected]\x1cj\xbc\xbas\xb8+\xa9\xaf\x0e'
crypto.session.key.server.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
crypto.session.key.length.mac=32
crypto.session.key.length.encryption=16
crypto.session.key.length.iv=16
>
Ich versuchte es auch, aber immer noch kein Glück .. – user3894707