TLS-Attacker
DTLS Issue
Hello everyone, I have problems when I want to test around with DTLS. When I start the TLS-Server with the DTLS parameter, nothing shows but it is running. Then I start the TLS-Client to connect to the running server, but I always get an exception that it could not initialise the TCP Transport Handler, even though I am pretty sure that the TLS-Client successfully loaded the DTLS parameter.
Am I missing something, or could you provide me with some additional steps required for the newest version of TLS-Attacker?
Thank you in advance for help.
TLS-Attacker allows you to do wild things like sending DTLS parameters in a TLS connection to try to confuse the peer. Right now, it seems like you are running these tools with TCP as the underlying layer. To change the underlying layer, you have to change the "TransportHandler", which is TLS-Attacker's interface for "anything below TLS".
-transport_handler_type UDP
I also did it with the arguments and also tried it by defining a config and loading it as config, but still no success. Those are the calls that I made in separate terminals which are leading me to the exception:
java -jar TLS-Server.jar -port 2000 -transport_handler_type UDP - Works fine, but I do not receive any output from the server that is waiting on host and port
java -jar TLS-Client.jar -connect localhost:2000 -transport_handler_type UDP - this one is causing the following exception after I run the command:
08:58:59 [main] INFO : SendAction - Sending messages (client): CLIENT_HELLO,
08:59:00 [main] ERROR: WorkflowExecutor - Unexpected fatal error during action execution, stopping execution:
java.lang.RuntimeException: Trying to set TCP layer with non TCP TransportHandler
    at de.rub.nds.tlsattacker.core.layer.impl.TcpLayer.getTransportHandler(TcpLayer.java:85)
    at de.rub.nds.tlsattacker.core.layer.impl.TcpLayer.sendData(TcpLayer.java:55)
    at de.rub.nds.tlsattacker.core.layer.impl.RecordLayer.sendData(RecordLayer.java:205)
    at de.rub.nds.tlsattacker.core.layer.impl.RecordLayer.sendData(RecordLayer.java:51)
    at de.rub.nds.tlsattacker.core.layer.impl.MessageLayer.flushCollectedMessages(MessageLayer.java:112)
    at de.rub.nds.tlsattacker.core.layer.impl.MessageLayer.processMessage(MessageLayer.java:100)
    at de.rub.nds.tlsattacker.core.layer.impl.MessageLayer.sendConfiguration(MessageLayer.java:79)
    at de.rub.nds.tlsattacker.core.layer.LayerStack.sendData(LayerStack.java:103)
    at de.rub.nds.tlsattacker.core.workflow.action.MessageAction.send(MessageAction.java:243)
    at de.rub.nds.tlsattacker.core.workflow.action.SendAction.execute(SendAction.java:95)
    at de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor.executeAction(WorkflowExecutor.java:133)
    at de.rub.nds.tlsattacker.core.workflow.DefaultWorkflowExecutor.executeWorkflow(DefaultWorkflowExecutor.java:70)
    at de.rub.nds.tlsattacker.client.main.TlsClient.startTlsClient(TlsClient.java:86)
    at de.rub.nds.tlsattacker.client.main.TlsClient.main(TlsClient.java:58)
08:59:00 [main] WARN : TlsClient - The TLS protocol flow was not executed completely, follow the debug messages for more information.
Internally, TLS-Attacker uses different ProtocolLayers to reflect the individual parts of a protocol stack. By default, the stack of layers contains a TcpLayer. If you want to use DTLS, you can add -version DTLS12 to your CLI flags. This should prepare the layer stack as required for DTLS and automatically set the transport handler to UDP.