Git Product home page Git Product logo

dtls-fuzzer's Introduction

DTLS-Fuzzer

Fuzzer for DTLS. Created at the University of Bremen in the block course "Server Hardening"

Usage

In fuzzer.rb are some examples how to use the "do_steps" method. With this method you can execute the handshake of dtls to the step of your choise. The method will return all pakets which was exchanged between fuzzer and server and also the next paket(s) needed to send to continue handshake. So you are able to change all the parameters of the packet, to start special tests. If already available, the method will return the keys to. At the moment there is only one ciphersuite supported: TLS_PSK_WITH_AES_128_CCM_8

Available steps

do_steps returns an array [tosend, messages, [client_key, server_key, client_iv, server_iv]]. content depends on the step.

Step | Keys   | already send               | tosend
------------------------------------------------------------------------------------------
   0 | -      |                          - | ClientHello without Cookie
   1 | -      | ClientHello without Cookie | ClientHello with Cookie
   2 | avail. | ClientHello with Cookie    | ClientKeyExchange, ChangeCipherSpec, Finished
   3 | avail. | ClientKeyExchange          | ChangeCipherSpec, Finished
   4 | avail. | ChangeCipherSpec           | Finished
   5 | avail. | Finished                   | ApplicationData
   6 | avail. | ApplicationData            | CloseNotify
   7 | avail. | CloseNotify                | -

                    Fuzzer           Server
                    ------           ------
      ClientHello  (seq=0) ----0--->
                           <-------- (seq=0)  HelloVerifyRequest
      ClientHello  (seq=1) ----1--->
     (mit cookie)
                           <-------- (seq=1)  ServerHello
                           <-------- (seq=2)  ServerKeyExchange
                           <-------- (seq=3)  ServerHelloDone
ClientKeyExchange  (seq=2) ----2--->
 ChangeCipherSpec          ----3--->
         Finished  (seq=3) ----4--->
                           <--------          ChangeCipherSpec
                           <-------- (seq=4)  Finished
 Application Data          ----5--->
                           <--------          Application Data
      CloseNotify          ----6--->

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.