
TLS Application Data not decrypted

Open wbenny opened this issue 2 years ago • 5 comments

Brief description

I was trying to decrypt a simple Powershell HTTPS request. Unfortunately, scapy isn't able to decrypt the TLS Application Data.

Wireshark is able to decrypt the pcap with no problem.

I was trying to debug the problem, however, for some reason, when I attach a pdb debugger, the TLS decryption stops working even for https://github.com/secdev/scapy/tree/master/doc/notebooks/tls/raw_data/... examples (which I am able to decrypt with scapy, when no debugger is attached).

Scapy version

2.5.0rc1

Python version

3.10

Operating system

Windows 11

Additional environment information

part.pcap + SSLKEYLOGFILE

https://mega.nz/folder/MpwGnLBB#1Q7WqvwMlpTjAoSxvFdbQQ

How to reproduce

from scapy.all import *

# load the TLS layer, enable session tracking and point scapy at the NSS key log
load_layer('tls')
conf.tls_session_enable = True
conf.tls_nss_filename = 'SSLKEYLOGFILE'

packets = rdpcap('part.pcap')
packets[13][TLS].show()  # request
packets[15][TLS].show()  # response

Actual result

###[ TLS ]### 
  type      = application_data
  version   = TLS 1.2
  len       = 183    [deciphered_len= 159]
  iv        = b'\x00\x00\x00\x00\x00\x00\x00\x01'
  \msg       \
   |###[ Encrypted Content ]### 
   |  load      = '\x16\\xb4\\x8b\\xfcX\x16\\x83X(\\xf6Z~m\x04}\\\\xd2M\\xec~\\x9a\x11\\xec#\\x9ce\\xb3;\\xd0]\\xb2)\\xd0\x1f;C\\xed\\x9b&\\xe3\\xf0Z~a\x12\\xc3%\x0f\\xf8\\xee\\x93/\\xf4\\xc6S\\xee\x10KZ\\xed%#`\\xe2\\x83\\xf5\t\\xbbO\\x80&\\x85;!\\xa6\x135u\x00\\x8d\x15t\\xb8c\\x99\\x87r\\xd2\\xc0Q\x05\\xefȗr\\x9d"\x1e\\xb3\\xec+E\\xd1\r\x02\\xac}\\xfe\\xe6\x00M}F\\xa2\x17\x066\\x99\\xe9\\x92&s\\xbd\\xa6\\x9d\\xd8T\\x8b\\x87\\xdeq\\xc1?\\xe6-\\xfdrۢ\\xe8\\xee\\xe4ʨ\\xa9W}řl\\xdb\\xf4\\xef\\xcc\\xe0\x18h=Z'
  mac       = b'\xd7vh\xd6O\x9b-\xe9\xd2\xbd\xb9\xa39$\xbb\x9c'
  pad       = b''
  padlen    = None

Expected result

###[ TLS ]### 
  type      = application_data
  version   = TLS 1.2
  len       = 183    [deciphered_len= 159]
  iv        = b'\x00\x00\x00\x00\x00\x00\x00\x01'
  \msg       \
   |###[ TLS Application Data ]### 
   |  data      = 'GET /uuid HTTP/1.1\r\n ...'
  mac       = b'\xd7vh\xd6O\x9b-\xe9\xd2\xbd\xb9\xa39$\xbb\x9c'
  pad       = b''
  padlen    = None

Related resources

No response

wbenny avatar Aug 22 '22 02:08 wbenny

Additional observation - deciphered_len is correctly displayed.

wbenny avatar Aug 22 '22 02:08 wbenny

Not sure if I'm digging into the right thing, but it seems like the issue is that the Cipher_AES_128_GCM.auth_decrypt() always raises CipherError.

wbenny avatar Aug 22 '22 11:08 wbenny
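To make the two observations above concrete (the `deciphered_len` of 159 being right while `auth_decrypt()` still fails), here is an added worked example, not scapy's code and not part of this issue, that does the bookkeeping scapy must get right before the AES-128-GCM decrypt can succeed: parse the NSS key log that `conf.tls_nss_filename` points at, look up the master secret by the ClientHello's client random, run the TLS 1.2 PRF key expansion to obtain the write keys and the 4-byte implicit IVs, assemble the 12-byte GCM nonce from the implicit IV plus the record's 8-byte explicit `iv`, and build the additional authenticated data. It uses only the standard library; the key log contents and randoms are constructed values. `deciphered_len` is record length minus the explicit nonce minus the 16-byte tag, which is exactly 183 - 8 - 16 = 159 as shown in the report. If any of these inputs is off (wrong client random in the key log, wrong sequence number, wrong plaintext length in the AAD) the tag check fails and the decrypt raises, which matches the symptom in the comment above.

```python
import hashlib
import hmac

# Constructed NSS key log text in the format Wireshark and scapy's
# conf.tls_nss_filename consume. Every hex value below is made up.
# TLS 1.2 sessions are keyed by CLIENT_RANDOM; TLS 1.3 sessions log
# per-direction traffic secrets under labels such as CLIENT_TRAFFIC_SECRET_0.
SAMPLE_KEYLOG = (
    "# SSL/TLS secrets log file, constructed for this example\n"
    "CLIENT_RANDOM " + "11" * 32 + " " + "22" * 48 + "\n"
    "CLIENT_TRAFFIC_SECRET_0 " + "33" * 32 + " " + "44" * 32 + "\n"
)

EXPLICIT_NONCE_LEN = 8   # per-record explicit nonce carried in the record (the 'iv' field)
TAG_LEN = 16             # GCM authentication tag (the 'mac' field)


def parse_nss_keylog(text):
    """Map (label, client_random) -> secret for every well-formed line."""
    secrets = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 3:
            continue  # malformed line, skip it
        label, client_random_hex, secret_hex = parts
        try:
            secrets[(label, bytes.fromhex(client_random_hex))] = bytes.fromhex(secret_hex)
        except ValueError:
            continue  # non-hex payload, skip it
    return secrets


def lookup_master_secret(keylog, client_random):
    """Return the TLS 1.2 master secret for a ClientHello random, or None."""
    return keylog.get(("CLIENT_RANDOM", client_random))


def tls12_prf_sha256(secret, label, seed, length):
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed)."""
    out = b""
    a = label + seed                      # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()             # A(i)
        out += hmac.new(secret, a + label + seed, hashlib.sha256).digest()
    return out[:length]


def derive_aes128gcm_key_block(master_secret, client_random, server_random):
    """Key expansion for TLS_*_WITH_AES_128_GCM_SHA256 (RFC 5288).

    GCM suites have no MAC keys, so the 40-byte key block is
    client_write_key(16) | server_write_key(16) | client_write_IV(4) | server_write_IV(4).
    """
    key_block = tls12_prf_sha256(master_secret, b"key expansion",
                                 server_random + client_random, 40)
    return {
        "client_write_key": key_block[0:16],
        "server_write_key": key_block[16:32],
        "client_write_iv": key_block[32:36],
        "server_write_iv": key_block[36:40],
    }


def gcm_nonce(write_iv, explicit_nonce):
    """12-byte GCM nonce = 4-byte implicit IV from the key block + 8-byte explicit nonce."""
    if len(write_iv) != 4 or len(explicit_nonce) != EXPLICIT_NONCE_LEN:
        raise ValueError("bad nonce component length")
    return write_iv + explicit_nonce


def gcm_additional_data(seq_num, content_type, version, plaintext_len):
    """AAD = seq_num(8) | type(1) | version(2) | plaintext length(2)."""
    return (seq_num.to_bytes(8, "big") + bytes([content_type])
            + version.to_bytes(2, "big") + plaintext_len.to_bytes(2, "big"))


def deciphered_len(record_len):
    """Plaintext length of an AES-GCM record: strip explicit nonce and tag."""
    return record_len - EXPLICIT_NONCE_LEN - TAG_LEN


if __name__ == "__main__":
    keylog = parse_nss_keylog(SAMPLE_KEYLOG)
    client_random = b"\x11" * 32          # constructed, matches the sample key log
    server_random = b"\x55" * 32          # constructed
    ms = lookup_master_secret(keylog, client_random)
    keys = derive_aes128gcm_key_block(ms, client_random, server_random)
    nonce = gcm_nonce(keys["client_write_iv"], b"\x00" * 7 + b"\x01")
    aad = gcm_additional_data(1, 23, 0x0303, deciphered_len(183))
    print("nonce:", nonce.hex(), "aad:", aad.hex(), "plaintext len:", deciphered_len(183))
```

When scapy reports the right `deciphered_len` but leaves the record as `Encrypted Content`, the length arithmetic is fine and the failure sits in one of the other inputs: the client random not being found in the key log, the wrong write key or IV direction chosen for the peer, or a sequence number thrown off by unreassembled or missing records, which is why TCP reassembly is the first thing to rule out.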

My guess is that the TLS response is fragmented. Did you try to use

packets = sniff(session=TCPSession, offline="part.pcap")

instead?

gpotter2 avatar Aug 23 '22 14:08 gpotter2

I had a quick look and this looks like a bug.

gpotter2 avatar Aug 23 '22 15:08 gpotter2

Using sniff() didn't work - but I guess you've figured that out by now :) Will this be an "easy fix" kind of issue, or will this need a deeper dive into the rabbit hole?

wbenny avatar Aug 23 '22 17:08 wbenny

It's been 1 million years but a fix is now available in https://github.com/secdev/scapy/pull/4082. Thanks again for the very clear bug report and for bearing with us :)

gpotter2 avatar Jul 31 '23 22:07 gpotter2