This commit is contained in:
LiquidTheDangerous 2024-08-14 02:33:58 +05:00
parent 852b789ac3
commit 48488a3af4
2 changed files with 34 additions and 16 deletions

View File

@ -7,28 +7,39 @@ import (
const headerLen = 5 const headerLen = 5
type ClientHello struct { type TLSMessageType byte
Header ClientHelloHeader
const (
TLSInvalid TLSMessageType = 0x0
TLSChangeCipherSpec TLSMessageType = 0x14
TLSAlert TLSMessageType = 0x15
TLSHandshake TLSMessageType = 0x16
TLSApplicationData TLSMessageType = 0x17
TLSHeartbeat TLSMessageType = 0x18
)
type TlsMessage struct {
Header TlsHeader
Raw []byte //Header + Payload Raw []byte //Header + Payload
RawHeader []byte RawHeader []byte
RawPayload []byte RawPayload []byte
} }
type ClientHelloHeader struct { type TlsHeader struct {
Type byte Type TLSMessageType
ProtoVersion uint16 ProtoVersion uint16 // major | minor
PayloadLen uint16 PayloadLen uint16
} }
func ReadClientHello(r io.Reader) (*ClientHello, error) { func ReadTlsMessage(r io.Reader) (*TlsMessage, error) {
var rawHeader [5]byte var rawHeader [5]byte
_, err := io.ReadFull(r, rawHeader[:]) _, err := io.ReadFull(r, rawHeader[:])
if err != nil { if err != nil {
return nil, err return nil, err
} }
header := ClientHelloHeader{ header := TlsHeader{
Type: rawHeader[0], Type: TLSMessageType(rawHeader[0]),
ProtoVersion: binary.BigEndian.Uint16(rawHeader[1:3]), ProtoVersion: binary.BigEndian.Uint16(rawHeader[1:3]),
PayloadLen: binary.BigEndian.Uint16(rawHeader[3:5]), PayloadLen: binary.BigEndian.Uint16(rawHeader[3:5]),
} }
@ -38,11 +49,18 @@ func ReadClientHello(r io.Reader) (*ClientHello, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
hello := &ClientHello{ hello := &TlsMessage{
Header: header, Header: header,
Raw: raw, Raw: raw,
RawHeader: raw[:headerLen],
RawPayload: raw[headerLen:],
} }
hello.RawHeader = hello.Raw[:headerLen]
hello.RawPayload = hello.Raw[headerLen:]
return hello, nil return hello, nil
} }
func IsClientHello(message *TlsMessage) bool {
// According to RFC 8446 section 4.
// first byte (Raw[5]) of handshake message should be 0x1 - means client_hello
return message.Header.Type == TLSHandshake &&
message.Raw[5] == 0x1
}

View File

@ -45,12 +45,12 @@ func (pxy *Proxy) handleHttps(lConn *net.TCPConn, exploit bool, initPkt *packet.
log.Debug("[HTTPS] Sent 200 Connection Estabalished to ", lConn.RemoteAddr()) log.Debug("[HTTPS] Sent 200 Connection Estabalished to ", lConn.RemoteAddr())
// Read client hello // Read client hello
hello, err := ReadClientHello(lConn) m, err := ReadTlsMessage(lConn)
if err != nil { if err != nil || !IsClientHello(m) {
log.Debug("[HTTPS] Error reading client hello from the client", err) log.Debug("[HTTPS] Error reading client hello from the client", err)
return return
} }
clientHello := hello.Raw clientHello := m.Raw
log.Debug("[HTTPS] Client sent hello ", len(clientHello), "bytes") log.Debug("[HTTPS] Client sent hello ", len(clientHello), "bytes")