From 604a84614330e9fd4df4113bec3b2bf17e17edaa Mon Sep 17 00:00:00 2001
From: minhtrannhat
Date: Tue, 27 Aug 2024 14:21:24 -0400
Subject: [PATCH] fix(client): dont verify self-signed certificate
- Updated server cert and key
---
server.crt | 49 ++++++++++--------
server.key | 76 ++++++++++++++++++----------
src/quic_reflection_attack/client.py | 66 ++++++++++++++++++++++++
src/quic_reflection_attack/server.py | 6 ++-
4 files changed, 148 insertions(+), 49 deletions(-)
create mode 100644 src/quic_reflection_attack/client.py
diff --git a/server.crt b/server.crt
index 80ba07d..6b27028 100644
--- a/server.crt
+++ b/server.crt
@@ -1,23 +1,30 @@ -----BEGIN CERTIFICATE----- -MIID6TCCAtGgAwIBAgIUA6R0Oohkukp0PbSKG2yCqBv7YL0wDQYJKoZIhvcNAQEL -BQAwgZsxCzAJBgNVBAYTAkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1v -bnRyZWFsMRMwEQYDVQQKDApNaW5oVHJhbkxUMRowGAYDVQQLDBFRdWljUmVmbGVj -dGlvbkF0azERMA8GA1UEAwwITWluaFRyYW4xJDAiBgkqhkiG9w0BCQEWFW1pbmhA -bWluaHRyYW5uaGF0LmNvbTAgFw0yNDA4MTgxOTAwNTBaGA8zMDEwMDQxMjE5MDA1 -MFowgZsxCzAJBgNVBAYTAkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1v -bnRyZWFsMRMwEQYDVQQKDApNaW5oVHJhbkxUMRowGAYDVQQLDBFRdWljUmVmbGVj -dGlvbkF0azERMA8GA1UEAwwITWluaFRyYW4xJDAiBgkqhkiG9w0BCQEWFW1pbmhA -bWluaHRyYW5uaGF0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AMbS8p4wjNHUfnGc8sGdBRIEOMHQ+/QCtKnltgkt0i3fVfl0x9iMsORQjayLvJRJ -zgfA7yO6bpIVM4XfJavIxSyLCZT7uHEYWPfzNmvGHiOhdr9wuI6XMbeDDEU09t1A -pYWA+yiW6yDWQcg3fKA4DsmMFP5ebHPtDO+Wz3jtRkatynCD9AsAxqPmy7v/ruBB -sELyVvFGORDUk5po2OSrRb7Awlkwx2LhkhMYH7pNXmkJYbSjc8k0krWcQQLU7c17 -c81PQvmb7Co9I6hVqZ0yxzmJ8G+EWtJSEdPNGLO8dUkvH6tmWZNgb2RMB3QMRsJF -LDFu0bt3OI/wwDrSwfU3dykCAwEAAaMhMB8wHQYDVR0OBBYEFPQrcuSoVRkrKJlZ -Beg7I2ssQpf1MA0GCSqGSIb3DQEBCwUAA4IBAQA/fuJy0ROp2zd2F8fKaoteC/7f -GQmd9AGPqdpuadxxFaOgpX2Skrf42p4GgPalPr2D7YZOxhmraSFWVHlSSxrSjiK0 -fpLE8SGvL8ioGiFwiMza+m9+lOYdN1oPiHLFnklkRGIjAK09HCe3bYdhyOpCSYD9 -ANqTAUNG1KN0PKFK+VoAK188fdbTF6vDc1PEVo/ManEeNzLIc/KModme264NJQhE -h4q21gbVaH+DdwpMZP29E+FLiOo+27BI1cwWyofv763BzWsZzwqGP3sK9vz6l8CK -giNruYNoQ/5Nd2xkB86sOdaryl6FYTCyr3p+oqGcfao5r0PY1B7ZYrFFhb6W +MIIFJTCCAw2gAwIBAgIUStbzfUkyh004WIO7yHeZlPDR3/EwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI0MDgyNDIzNDEzNFoXDTI1MDgy +NDIzNDEzNFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEApZ7WPIZb4JW1Yz9cHpWeKern3oY2u/aMQpcq52RlJP66 +7X+DgUPLSa4tRZRjub6Bg7GCBlmT74Bh/Cly5NXN5V6zwBRZV595tT4TuE38y0sY +xFVPdvBbdpPbzAySohSuDkLfz5A439vj+lZqEPoIV3nFXwEJxuqqHLj+56AOO1B6 +woZ2OWiqjQV8xAIpVTv/uxXEGx44upN8pPuHymNUgaLNvHV3ww4HCVGRSnw5pL7L +y8/ZoWhdhYN8fU0xKk8ZNqOEl6zSNJB/gLJxeViYcTokSliLpcs6A6B3oeDRe7mc 
++HqzPa9zEzIKjuDQPn+DX+VGGp9NnKhDHcPXZzHIWjeW32xPMLC8ma+izWHQ2RQF +HlMS+zWvEDXjoCjYsLgjcAQaJinDKBJBcKLxK418uG/fAs8YIP/eLMfWbgKqhJgv +xAY8F2S5wozQFpGE2AUfIzpjA9AB6/GwK6PG/8TTAYuT/zqwvceY6RacowPO3La+ +9L0W5T3SUuE8IwtOgSdkZa8NQlROsyeR8o/iSmRrxWOT5bwLYDucA0aspvxHVcjz +W0vKtz7FZTZOoq5gb7Feb7EIw66pTg3yervHYM6P3KP/ExAfM5J4E7PXFxn33Q49 +HxikVjBv283D7w5vub8IX6rns5WDrbbwXVbM8j5z7SCwyBX469b1o2wSMCR21vkC +AwEAAaNvMG0wHQYDVR0OBBYEFM/oF51PrSg/y9Z9JyhpGPdJukaTMB8GA1UdIwQY +MBaAFM/oF51PrSg/y9Z9JyhpGPdJukaTMA8GA1UdEwEB/wQFMAMBAf8wGgYDVR0R +BBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEBCwUAA4ICAQBIo9ioeApm +Me4doXNLcrv0ntfkqEmT8w9Y7jRl0LClm8ywXh+WjN0QBf+1dTl3frVoyz8R3zjr +H9Bz3B7RFAHa3ytE/o5MvWSyFx+CVs7NZztYKTLDWzuxfAnT/Nuo8wDMVq8CtF77 +6DhciCFD0W83zTr8QLORUIrh2MP2WW7y3lfg9+FaWDd00s0h9pb/sX17HMud7wu+ +TPF/I6XWhqxlGuGeTigYI/w9LXdjgY6c7ADRFv5oXrEWG9jDHiUZGRsUr62nb6JF +cWFjRwV77SKLT79WzkfHADVm9ucOt6v1c1E9dv3jZTlNy3tEkkW6dhGBlSPGGIgR +g67KRljfye6EgCqR+8W+d6j7Y4Qn7mI2ciBTWtFH1a5TNmk0MujdJrkaPfq0zDKS +N8jrDfWMzUEL8tOFjiVdEtFSwCCgztBuPloML8pR3xjTN3+rhXiygoq4p42V2dGu +DWkmYNP9ijuiy6VoI2iLmG0WWd3YFmBI7pFiGrmZaeBpqbxlIxzFveQ/cIksmc35 +YdI6vcK4mcDdq7u/o+ApW2DqQ1117u+YvR8Ulx611U9MEfbsxuaeTXcORP0Rl7lo +fxy8cVhL3yHrz+qkbyXXqdwKekNdNlaIkXkVITUz207Hr66e2vjxYVFSguxTa1Gw +IBjlPxEZ0hLvVZYJHVFWyPdOHjO77r5v7g== -----END CERTIFICATE----- diff --git a/server.key b/server.key index 77698ed..df31540 100644 --- a/server.key +++ b/server.key 
@@ -1,28 +1,52 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDG0vKeMIzR1H5x -nPLBnQUSBDjB0Pv0ArSp5bYJLdIt31X5dMfYjLDkUI2si7yUSc4HwO8jum6SFTOF -3yWryMUsiwmU+7hxGFj38zZrxh4joXa/cLiOlzG3gwxFNPbdQKWFgPsolusg1kHI -N3ygOA7JjBT+Xmxz7Qzvls947UZGrcpwg/QLAMaj5su7/67gQbBC8lbxRjkQ1JOa -aNjkq0W+wMJZMMdi4ZITGB+6TV5pCWG0o3PJNJK1nEEC1O3Ne3PNT0L5m+wqPSOo -VamdMsc5ifBvhFrSUhHTzRizvHVJLx+rZlmTYG9kTAd0DEbCRSwxbtG7dziP8MA6 -0sH1N3cpAgMBAAECggEACDWZkvKKPfe6KNLEKz5igTXvagFJBfA+qW00sPhVX1OD -Z0NtJQHaI/M3hlJWvQC3IxbSSPVfr2R0tihak9c8XPR4ttAV84V/1u0R6C1L/Uij -cJAk7q5LfTpJ/WmMb+JFc1e6BxkEKFzwZmX0HWFzKts/2qjnbXnyOMpPUrzpU+2y -b+Y+o8FW3RRCvxADm5U4YrQPaJsObScduK9xxK95RoTvp27oXtu7vL2MqCZbucbQ -lua4u29T5U5XKGIqd8G7UTsj2nXVFArqXGG0N0CIQnyqbNGLrrpAd9FuyJeXnsgP -xBh2H+CcXBsDrqqfk45pzme76dQRN9SDsfFy7CIESQKBgQDt8XQDivYYOh+syF58 -OYKjrqEEoaBQQkqY8m48KbopnRmPHiy7JbWM7wWsEWDgItGtATBDvPPzx6FnhqJO -80S0VD0P91a4WUy7a1A1SQvyI9ZUaJVEsWHQY5lzMmU3NJHeYo/lovtQ3h5DgNL8 -gHpCgSxmUKT48CsrZikDf0BZCwKBgQDV6YXECThpT/BikDkRxF+w0fUqg6L5P4pG -W857y6n4j5BKFwNPPbrREEXI1RpLLM/8D0gVKlS9hYOamWZiH6J+3I1FltRJxrju -Q9OiyKI+MErj+bEq6nPVA8tV2IfZYsmq2S7K8XXvuMG/QAOIHIT3O/B2Plvk0DwS -O6yAD7QZGwKBgBwuZsEsqi0AZVP/f0FTRmfAfQ2hXu1ijJdEz02M26GmG6rZtg6M -Ts5cWN2iSUkClrbY1zCOpo4O7MzoIz0ajt6Uw46qirjWysG/2gYVmraZC/9/S36R -S7Z0tW3xYA+DyGsAXW6jOQTA6fCwx0xkoxZRWkLb9k4Nk+9V8DGb1rE1AoGAD99v -JJfGjtH2tWmcQnw+2YEK3ye7bSFQ4l2nmboIF8CXZVgFz9h1x1OcygU+GTvvBvYf -VCq69QE2Pb+KQFe2mBFHjlVd1Uegq1VvG9Ilb9XniLkbc2LIS5MngGw70F6rNjk9 -ZqO6K5qbDdTzLiNnnmzdL/j6mqT1AClbaHlB1OcCgYA/qlAHtzVpHWeWg8UtNNjW -S5Mfdcld/wIy0T1dsw7ha8PPnwHU2aSydCrqIdyw4Ol0AuGNUsq+qpdfKHdyD/Li -7JxfTFUSXuqbzC6odFXZBZNBtphHUyvVwk4QybRXMVMVPIvOkvebij2kTiRanTjZ -jUp2nUaVQw4kDaiECn6NXQ== +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQClntY8hlvglbVj +P1welZ4p6ufehja79oxClyrnZGUk/rrtf4OBQ8tJri1FlGO5voGDsYIGWZPvgGH8 +KXLk1c3lXrPAFFlXn3m1PhO4TfzLSxjEVU928Ft2k9vMDJKiFK4OQt/PkDjf2+P6 +VmoQ+ghXecVfAQnG6qocuP7noA47UHrChnY5aKqNBXzEAilVO/+7FcQbHji6k3yk 
++4fKY1SBos28dXfDDgcJUZFKfDmkvsvLz9mhaF2Fg3x9TTEqTxk2o4SXrNI0kH+A +snF5WJhxOiRKWIulyzoDoHeh4NF7uZz4erM9r3MTMgqO4NA+f4Nf5UYan02cqEMd +w9dnMchaN5bfbE8wsLyZr6LNYdDZFAUeUxL7Na8QNeOgKNiwuCNwBBomKcMoEkFw +ovErjXy4b98Czxgg/94sx9ZuAqqEmC/EBjwXZLnCjNAWkYTYBR8jOmMD0AHr8bAr +o8b/xNMBi5P/OrC9x5jpFpyjA87ctr70vRblPdJS4TwjC06BJ2Rlrw1CVE6zJ5Hy +j+JKZGvFY5PlvAtgO5wDRqym/EdVyPNbS8q3PsVlNk6irmBvsV5vsQjDrqlODfJ6 +u8dgzo/co/8TEB8zkngTs9cXGffdDj0fGKRWMG/bzcPvDm+5vwhfquezlYOttvBd +VszyPnPtILDIFfjr1vWjbBIwJHbW+QIDAQABAoICABxTm17EuCgkUt7DsnTEsEWJ +GNlVaT0iwQCOrFbhM+9s5fnC6nIMb1ONx85zv87AB5THom6FmajH83pWeIEtFEcb +uHCsyk8TRpS6JlNKe2cl0/mYgbvdBje0uE4hBF9WXCKyS2dLyn53NHnXl9KJgS28 +9QX3vn1YG3pIJcjl9iks7aIhr0zIWws9mgZIPFuIpIeSBHWC6L74hMQPBT2XWZfG +iZunF7Gzz35HhisQLifAPkkApr9Vg1FXmM4xiqwq1SwkMYRjmZxF7pjLbF8NyRzs +jdJtbI0Rwj1mj6+PLSUVLQTOr6NoQ61PzMB9MQDPfF/FbgUVpAecO8Z2fXv35sVI +lvHf3dnfs9S8Fl1xtlI2zHQk432HkvI1cN591bQjaA1yBZYqh/U5nxSq7gm4eXWi +FYP2stYC6SUcu2h88IZH1nCPoL+NuENu4JUkUn9ywihSPASBFUc815vMcEVG23wn +FuUUtZUsGLBhd9CgkfmlPYRNV/+GkBWCZBjToZ0JBwUJZ+E27xja2IMw25eyLP9d +TozJhz5b9eXvMBhvQJz4qIslQ0Y8FZVsto82Ylbnrtq+XjmK+qdbH8sbVDp2+nXn +O0wq+7c24Ap/A7Ndpfi5DkD3tM+WQHRflbQ8zAX//uGrXxOaxA0+5TUc+UZPRcyC +xDVHTeMyLGqynsBL9CWFAoIBAQDkTbOLhLpc6Yq8Bjk6/iIZ0ge3g3cOJT+4Vkeu +ZVd/sIxqp9Eyw+6yxJZxety1+rywBh8UFbihhjNmgillT25KuhG2ouYzjOOK05ln +LvguUwRZhh6BAHWPHjyqF1X7TlpZV4aaPxTxfV3q6xoGrpij/rtybil0w8jCAKkN +Tb1zTzTRXEHO01LPAgLATjZrJfiJ5BbMx67gOjhBX+NdtKc8ep/MwT+6TtUj16S9 +FRP6ZSsSgQ9txXN6KzutZD2WpqCEdwJDXeVqwhKTQiZ+ei6mCezBBczg7JlJVmy5 +On2YsnC6BkxU48Am/kq7XAjZthyFZqM2O068siBogK3rurFLAoIBAQC5tmvsIAuL +H7fegZ3m7O90dpQHzU72II4uOzIvNxPbSPXeZWx2mC5Z+gCVwQWKWqzlwZfJYSwl +/y0olfKGLJUSisSDDBEvK23FEyrbRpm31kJcY+EDO0huPoL4ORFhieIJ5t4V7zUB +Xg/n+NXsgiu+uSd7BlpL7pYf1csTe/bqjVJK0Srv8wLA/uMDPqX27WD/pZMMrhnu +Xdgmqqm8MZyjDCNwo5JYRjOReMCTdcNm/2y97ySdnG3kfLfTLnQEbyQx9TP87L17 +ERO3fvutHWJr+AsstdNC2+23SbmLrClC+m0NC+goffGPbsuNNCGWWEdPSd5zRoVT +df0Kbr/8BPJLAoIBAQCiXcRwWC/2Pj3lpQN0uiJkfKPyVrQIQmOD5RDLrdVBwbzL 
+aZh1YzVSvE9GW5u2bKFfCqt1rFEHxxqtL6rjG0+UI6rPWiEfznZRWFXENXpZ776r +MKBnHH1/EIESctA6jyngWkgnUO/DI2b02MlEsU1rbJHBOymOmmMf3jpcdMpkxJMK +xnMi9dXx1TtBqx42q+WLo8S3VNhBLgauL9TS4tUBRTB6/YEmLkSVXhsSQnhX3zV3 +zoO7jO6olzC1CxJmHxEPxFe+s3uipm1xf11DHAArI+nWCRsBaCNILgfa4AdM3rMf +CbWltegFk1pwz26X71VvZmRzAFDqEEDOMZ3/hWHrAoIBACOMgNIdPDhwZODpzNEE +b73KaQGpUkEY8D53RF73WwyxxabBoWZ+MPk2OuBvp2DZhJkiWqzItgu78ef/9AGt +DQgUmhM/vxZZaNS9m4mH1Sr0j5Vh5ROaSH4Z5zYerm4OV79vevmV5X6Sg9bysfho +3njOtnj9OVGppQEJCqt7IkO5s5PwwBhYWyGYaNoZJunCfLvS9PgLZ5lSS2rzZjRJ +BuPLEgmgtgXBwmNJSwuvEi1oHWeqHEczR3HiUcnR7ZFfuPz7I+15X7fsB+srGoAD +zPA/9dukHoGA2dso+KR82xUgHLnPmqwNl6zOF5a68Ob3lQbfa/6C9EiKoFpb4tIa +HEsCggEAEecHeFfpJLNhdG1bIM4PWtkypH/QD/rrvOkQOY/yypWh7NVxaq9g5TUq +ZIh4tayc0hxVzGeQAiw35aGgBSwTT/uZ2j9WcH6dS7RLITsapA44LD7DRSx6gmzJ +xu38zGn8pq0Kng8J4SnIDuzE0C+PbeLYeoshBV3ghOAvtF/7gH1bDe4b/bRY489v +lrzCwk9pM1j8g5VPZOyBxMdpmq7k7asIPAeQ8Bhc7ih1ugJb+2v3WcZrer+SnjL7 +v9ejMTgZWfxY3VLwVq05SLlLl6lscegrEiMgUbx0hfJBL4dLFI+IUrIwlQ9G6xQ7 +XF0nAyhvdJyNDziSAVk5P5nPVwDbEg== -----END PRIVATE KEY----- diff --git a/src/quic_reflection_attack/client.py b/src/quic_reflection_attack/client.py new file mode 100644 index 0000000..cb70ae6 --- /dev/null +++ b/src/quic_reflection_attack/client.py 
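Review bot: server.key is a private key kept in version control, so anyone who can read the repository can present the matching server.crt. From the diff it looks like a self-signed localhost test pair, which limits the impact, but that certificate should then never be added to a shared or system trust store. Consider generating the pair at setup time (a documented `openssl req -x509` step or a small script) and listing `server.key` in `.gitignore`, so each checkout gets its own key.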
@@ -0,0 +1,66 @@
+import asyncio
+from aioquic.asyncio.protocol import QuicConnectionProtocol
+import uvloop
+import ssl
+from typing import cast, Optional
+
+from aioquic.asyncio.client import connect
+from aioquic.quic.configuration import QuicConfiguration
+from aioquic.quic.events import QuicEvent, StreamDataReceived
+from aioquic.quic.connection import QuicConnection
+
+
+async def run_client(host: str, port: int, message: str) -> None:
+ configuration = QuicConfiguration(
+ is_client=True, alpn_protocols=["quic-echo"], verify_mode=ssl.CERT_NONE
+ ) # our own custome alpn protocol
+
+ async with connect(
+ host,
+ port,
+ configuration=configuration,
+ create_protocol=QuicClientProtocol,
+ wait_connected=True,
+ ) as client:
+ client = cast(QuicClientProtocol, client)
+
+ assert (
+ client.quic is not None
+ ), "QUIC Client connection is not properly initilized"
+
+ # Open a stream and send data
+ stream_id = client.quic.get_next_available_stream_id()
+ client.quic.send_stream_data(stream_id, message.encode())
+
+ # Wait for the response
+ response = await client.wait_for_response(stream_id)
+ print(f"Response from server: {response}")
+
+
+class QuicClientProtocol(QuicConnectionProtocol):
+ def __init__(self, *args, **kwargs) -> None:
+ super().__init__(*args, **kwargs)
+ self.quic: Optional[QuicConnection] = None
+ self.stream_data = {}
+
+ def quic_event_received(self, event: QuicEvent) -> None:
+ if isinstance(event, StreamDataReceived):
+ stream_id = event.stream_id
+ data = event.data
+ if stream_id in self.stream_data:
+ self.stream_data[stream_id] += data
+ else:
+ self.stream_data[stream_id] = data
+
+ async def wait_for_response(self, stream_id: int) -> str:
+ while stream_id not in self.stream_data:
+ await asyncio.sleep(0.1)
+ return self.stream_data[stream_id].decode()
+
+
+if __name__ == "__main__":
+ host = "localhost"
+ port = 8000
+ message = "Hello, QUIC server!"
+
+ uvloop.run(run_client(host, port, message))
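Review bot: `verify_mode=ssl.CERT_NONE` in `run_client` turns off certificate validation for every connection, so the client completes a handshake with whatever endpoint answers on `host:port`, not only the project's server. Since the repository ships `server.crt`, verification can stay on by trusting that one certificate: drop the `verify_mode` argument and call `configuration.load_verify_locations("server.crt")` once the configuration is built. If skipping verification is intentional for a lab run, say so in a comment next to the argument. The existing `# our own custome alpn protocol` comment sits on the closing parenthesis and reads as if it described `verify_mode`.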
diff --git a/src/quic_reflection_attack/server.py b/src/quic_reflection_attack/server.py index fb4821f..42b173d 100644 --- a/src/quic_reflection_attack/server.py +++ b/src/quic_reflection_attack/server.py @@ -4,12 +4,14 @@ import uvloop from aioquic.quic.configuration import QuicConfiguration from aioquic.quic.connection import QuicConnection +from aioquic.asyncio.protocol import QuicConnectionProtocol from aioquic.quic.events import QuicEvent, StreamDataReceived from aioquic.asyncio import serve # type: ignore -class QuicServerProtocol: - def __init__(self): +class QuicServerProtocol(QuicConnectionProtocol): + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) self.quic: Optional[QuicConnection] = None def quic_event_received(self, event: QuicEvent) -> None:
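Review bot: `self.quic` is set to `None` straight after `super().__init__(*args, **kwargs)` and nothing in this hunk assigns it again. As far as I know, aioquic's `QuicConnectionProtocol` keeps the connection it is given on `self._quic`, so a handler that reads `self.quic` would see `None`. Dropping the extra attribute and using `self._quic` avoids that shadow state. The new `QuicClientProtocol.__init__` in client.py follows the same pattern, and `run_client` asserts `client.quic is not None`, which would then fail. The class body continues outside this hunk, so check how `quic_event_received` uses the attribute.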