TLS-Attacker: Java-based framework for analyzing TLS libraries

TLS Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This allows the developer to easily define a custom TLS protocol flow and test it against his TLS library.

Please note: TLS-Attacker is a research tool intended for TLS developers and pentesters. There is no GUI and no green/red lights. It is the first version and can contain some bugs.

Code Structure

TLS-Attacker consists of several (maven) projects:

  • Transport: Transport utilities for TCP and UDP.
  • ModifiableVariable: Contains modifiable variables that allow one to execute (specific as well as random) variable modifications during the protocol flow. ModifiableVariables are used in the protocol messages.
  • TLS: Protocol implementation, currently (D)TLS1.2 compatible.
  • Attacks: Implementation of some well-known attacks and tests for these attacks.
  • Fuzzer: Fuzzing framework implemented on top of the TLS-Attacker functionality.

You can find more information about these modules in the Wiki.

Features

Currently, the following features are supported:

  • SSL 3, TLS versions 1.0 (RFC-2246), 1.1 (RFC-4346), 1.2 (RFC-5246), and 1.3 (RFC-8446)
  • SSL 2 (Partially supported)
  • (EC)DH(E), RSA, PSK, SRP, GOST and ANON key exchange algorithms
  • CBC, AEAD and Streamciphers (AES, CAMELLIA, DES, 3DES, IDEA, RC2, ARIA, GOST_28147_CNT_IMIT, RC4, SEED, NULL)
  • ~300 Cipher suites, ~30 Extensions
  • Client and Server
  • HTTPS
  • Workflows with more than two parties
  • Lots of extensions
  • Tokenbinding (EC) and Tokenbinding over HTTP
  • Sockets
  • TLS 1.3 0-RTT
  • STARTTLS

Protocol-Attacker/Layer System

Originally designed to attack the TLS protocol, TLS-Attacker is capable of supporting arbitrary protocols. To this end, TLS-Attacker assigns a layer stack to each connection. This layer stack consists of the different protocol layers the user wants to utilize. With the layer stack, the user can add layers like DTLS, or HTTP (more are WIP) in an arbitrary order.

To send and receive arbitrary messages using a layer stack, the user can define configurations for each layer. These configurations specify which messages to send or receive. This also allows the user to specify the layer specific messages/data containers for each layer. For example, one could specify the TLS messages and records TLS-Attacker should send. TLS-Attacker would encapsulate the given TLS messages into the records automatically.

Copyright 2023 Ruhr University Bochum, Paderborn University, and Hackmanit GmbH

Source: https://github.com/RUB-NDS/