Manufacturing Message Specification (MMS) protocol attacks

Aim of the project

List of cybersecurity attacks on client and server MMS under TLS.
I realised these attacks during my intership in the university in collaboration with Ricerca sul Sistema Energetico(RSE spa).

Technologies

Docker and containers

Transport Layer Security(TLS)

Manufacturing Message Specification(MMS) protocol

Experimentation

Search for vulnerabilities in the TLS protocol and main cipher suites

Search for security attacks

Search for tools

Run the attacks

Developed attacks

Passive Man-in-the-middle

Denial of service

Packet filtering

Downgrade

Run attacks

Run Client and Server

Terminal1 ./serverexec

Terminal2 ./clientexec

Terminal1 ./start

Terminal2 ./start [SERVER_IP] (Example : ./start 172.17.0.3 )

Passive Man in the Middle

Run client and server first!

Terminal3 (arp) ./arp

Terminal4 (tcpdump) ./tcpdump

Terminal3 (arp) ./start [SERVER_IP] [CLIENT_IP] (Example : ./start 172.17.0.3 172.17.0.2 )

Terminal4 (tcpdump) ./start

Terminal1 ./start

WebSocket Denial of Service

Run client and server first!

Terminal3 (dos) ./dosattack

Terminal3 (dos) ./start [IP_SERVER]

Terminal1 ./start

Packet Filtering

Run client and server first!

Terminal3 (packetfilter) ./packetfilter

Terminal4 (arp) ./arp

Terminal4 (arp) ./start [IP_SERVER] [IP_CLIENT]

Then run one of these two scripts:

• Terminal3(packetfilter) ./start_inject

• Terminal3 (packetfilter) ./start_pending