[Assignment-4] added comments in mitm and slke attack implementations
This commit is contained in:
Sascha Tommasone
parent
10cb1766de
commit
fd0d3d5f12
GPG key ID:
751068A86FCAA217
2 changed files with 15 additions and 2 deletions
|
|
@ -4,7 +4,6 @@ import base64
|
||||||
import os.path as path
|
import os.path as path
|
||||||
|
|
||||||
|
|
||||||
# protocol 1: flag{m4n_1n_th3_m1ddl3_w0w}
|
|
||||||
class Module:
|
class Module:
|
||||||
def __init__(self, incoming=False, verbose=False, options=None):
|
def __init__(self, incoming=False, verbose=False, options=None):
|
||||||
# extract the file name from __file__. __file__ is proxymodules/name.py
|
# extract the file name from __file__. __file__ is proxymodules/name.py
|
||||||
|
|
@ -13,24 +12,32 @@ class Module:
|
||||||
self.incoming = incoming # incoming means module is on -im chain
|
self.incoming = incoming # incoming means module is on -im chain
|
||||||
self.find = None # if find is not None, this text will be highlighted
|
self.find = None # if find is not None, this text will be highlighted
|
||||||
|
|
||||||
|
# protocol 1: flag{m4n_1n_th3_m1ddl3_w0w}
|
||||||
def execute(self, data):
|
def execute(self, data):
|
||||||
print(f"Incoming data: {data}")
|
print(f"Incoming data: {data}")
|
||||||
data_json = json.loads(data)
|
data_json = json.loads(data)
|
||||||
|
|
||||||
|
# return handshake messages without modification
|
||||||
if data_json.get("type") == "HANDSHAKE":
|
if data_json.get("type") == "HANDSHAKE":
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
# replace "Bob" with "Eve" in the first protocol message
|
||||||
elif data_json.get("id") == 1:
|
elif data_json.get("id") == 1:
|
||||||
data_json["content"] = data_json["content"].replace("Bob","Eve")
|
data_json["content"] = data_json["content"].replace("Bob","Eve")
|
||||||
|
|
||||||
|
# if message 3 received, build valid message 4
|
||||||
|
# instead of {Hello Alice!}_K use arbitary data
|
||||||
elif data_json.get("id") == 3:
|
elif data_json.get("id") == 3:
|
||||||
data_json["id"] = 4
|
data_json["id"] = 4
|
||||||
data_json["sender"] = "Bob"
|
data_json["sender"] = "Bob"
|
||||||
data_json["receiver"] = "Alice"
|
data_json["receiver"] = "Alice"
|
||||||
data_json["content"] = str(base64.b64encode(os.urandom(16)))
|
data_json["content"] = str(base64.b64encode(os.urandom(16)))
|
||||||
|
|
||||||
|
# dump message
|
||||||
data = json.dumps(data_json) + "\n"
|
data = json.dumps(data_json) + "\n"
|
||||||
print(f"Outgoing data: {data}")
|
print(f"Outgoing data: {data}")
|
||||||
|
|
||||||
|
# return crafted message to proxy
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@ import time
|
||||||
import os.path as path
|
import os.path as path
|
||||||
|
|
||||||
|
|
||||||
# protocol 2: flag{n3v3r_tru5t_b0b}
|
|
||||||
class Module:
|
class Module:
|
||||||
def __init__(self, incoming=False, verbose=False, options=None):
|
def __init__(self, incoming=False, verbose=False, options=None):
|
||||||
# extract the file name from __file__. __file__ is proxymodules/name.py
|
# extract the file name from __file__. __file__ is proxymodules/name.py
|
||||||
|
|
@ -12,22 +11,29 @@ class Module:
|
||||||
self.incoming = incoming # incoming means module is on -im chain
|
self.incoming = incoming # incoming means module is on -im chain
|
||||||
self.find = None # if find is not None, this text will be highlighted
|
self.find = None # if find is not None, this text will be highlighted
|
||||||
|
|
||||||
|
# protocol 2: flag{n3v3r_tru5t_b0b}
|
||||||
def execute(self, data):
|
def execute(self, data):
|
||||||
print(f"Incoming data: {data}")
|
print(f"Incoming data: {data}")
|
||||||
data_json = json.loads(data)
|
data_json = json.loads(data)
|
||||||
|
|
||||||
|
# return handshake messages without modification
|
||||||
if data_json.get("type") == "HANDSHAKE":
|
if data_json.get("type") == "HANDSHAKE":
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
# swap receiver and sender of protocol messages with id 1,2 or 3
|
||||||
elif data_json.get("id") in {1, 2, 3}:
|
elif data_json.get("id") in {1, 2, 3}:
|
||||||
data_json["sender"], data_json["receiver"] = data_json["receiver"], data_json["sender"]
|
data_json["sender"], data_json["receiver"] = data_json["receiver"], data_json["sender"]
|
||||||
|
|
||||||
|
# if message 3 received from Alice, build valid message 4
|
||||||
if data_json.get("id") == 3:
|
if data_json.get("id") == 3:
|
||||||
data_json["id"] = 4
|
data_json["id"] = 4
|
||||||
data_json["content"] = str(int(time.time()))
|
data_json["content"] = str(int(time.time()))
|
||||||
|
|
||||||
|
# dump message
|
||||||
data = json.dumps(data_json) + "\n"
|
data = json.dumps(data_json) + "\n"
|
||||||
print(f"Outgoing data: {data}")
|
print(f"Outgoing data: {data}")
|
||||||
|
|
||||||
|
# return crafted message to proxy
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue