一些python学习中和密码有关的小代码
在python的学习中试着写了一些和密码有关的小工具,主要调用了gmssl、pyopenssl和scapy等模块,现与诸君分享一下
有关SM2算法的实现
SM2加密、签名与验签
import base64
import binascii
from gmssl import sm2, func
def datain():
    """Prompt for the text to encrypt and return it as UTF-8 bytes."""
    return input('please input data to encrypt:').encode('utf-8')
def sm2_enc(private_key, public_key, data):
    """Encrypt *data* with SM2 and print the ciphertext.

    The ciphertext is printed as '/'-separated hex byte values, one
    ``hex()`` string per ciphertext byte.

    NOTE(review): the private key is only passed through to the CryptSM2
    constructor here; presumably encryption needs the public key alone, so
    a caller that only encrypts should not have to hold it -- confirm.
    """
    cipher = sm2.CryptSM2(private_key=private_key, public_key=public_key)
    ciphertext = cipher.encrypt(data)
    hex_bytes = list(map(hex, func.bytes_to_list(ciphertext)))
    print('encrypt_value:')
    print('/'.join(hex_bytes))
def main():
    """Read a message from the console and print its SM2 ciphertext.

    NOTE(review): the key pair below is hard-coded and published together
    with this listing, so it protects nothing. Real keys belong in a key
    store or HSM and are never committed to source.
    """
    # Hex-encoded public and private key.
    public_key = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
    private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
    plaintext = datain()
    sm2_enc(private_key, public_key, plaintext)


if __name__ == '__main__':
    main()
import binascii
from gmssl import sm2, func
def datain():
    """Prompt for the message to sign and return it encoded as UTF-8."""
    message = input('please input data to sign:')
    return message.encode('utf-8')
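def sm2_sign(private_key, public_key, data):
    """Sign *data* with SM2 and print the signature.

    Args:
        private_key: hex-encoded SM2 private key.
        public_key: hex-encoded SM2 public key.
        data: message bytes handed to ``CryptSM2.sign`` as-is.

    NOTE(review): ``sign`` is given the raw message bytes; no SM3 digest is
    computed in this function. Check whether the deployed verifier expects
    the SM3-with-Z_A form of the signature instead.
    """
    # Function-scope import so the file's import block stays untouched.
    import secrets

    sm2_crypt = sm2.CryptSM2(
        public_key=public_key, private_key=private_key)
    # The per-signature nonce k must be unpredictable: anyone who learns or
    # guesses k for a single signature can recover the private key. It is
    # therefore drawn from the OS CSPRNG. func.random_hex is not shown on
    # this page; it appears to build on the `random` module (confirm for the
    # installed gmssl version), which is not suitable for key material.
    hex_len = sm2_crypt.para_len
    random_hex_str = secrets.token_hex((hex_len + 1) // 2)[:hex_len]
    sign = sm2_crypt.sign(data, random_hex_str)
    print('sign:%s' % sign)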
def main():
    """Read a message from the console and print its SM2 signature.

    NOTE(review): the signing key is hard-coded and published with this
    listing; signatures made with it prove nothing about who signed.
    """
    public_key = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
    private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
    message = datain()
    sm2_sign(private_key, public_key, message)


if __name__ == '__main__':
    main()
import binascii
from gmssl import sm2, func
def datain():
    """Prompt for the signed message and return its UTF-8 encoding."""
    text = input('please input data to sign:')
    encoded = text.encode('utf-8')
    return encoded
def signin():
    """Prompt for the signature string to check and return it unchanged."""
    return input('please input sign to verify:')
def sm2_verify(private_key, public_key, sign, data):
    """Return the result of checking *sign* against *data* with SM2.

    NOTE(review): the private key is only forwarded to the constructor;
    presumably verification needs the public key alone -- confirm, and
    avoid distributing the private key to verifiers.
    """
    verifier = sm2.CryptSM2(private_key=private_key, public_key=public_key)
    return verifier.verify(sign, data)
def main():
    """Read a message and a signature from the console and print the verdict.

    NOTE(review): a verifier should only need the public key; the private
    key is hard-coded here as well and is published with this listing.
    """
    public_key = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
    private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
    message = datain()
    signature = signin()
    outcome = sm2_verify(private_key, public_key, signature, message)
    # Collapse the result to a strict True/False before printing.
    print('verify:', outcome == True)


if __name__ == '__main__':
    main()
SM3哈希算法
from gmssl import sm3, func
# The prompt runs at module level, i.e. also when this file is imported;
# only the hashing itself sits behind the __main__ guard.
x = input('input value to hash_sm3: ')
x_b = x.encode('utf-8')

if __name__ == '__main__':
    # sm3_hash takes the message as a list of byte values.
    y = sm3.sm3_hash(func.bytes_to_list(x_b))
    print(y)
SM4加解密
from gmssl.sm4 import CryptSM4, SM4_ENCRYPT, SM4_DECRYPT
from gmssl import func
# from gmssl.func import bytes_to_list
# from gmssl.func import list_to_bytes
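def lentest(key_s):
    """Return 1 if *key_s* encodes to exactly 16 bytes (128 bits), else 0.

    The key is later converted with ``bytes(key_s, 'utf-8')``, so the
    length that matters is the encoded byte length, not the number of
    characters: sixteen non-ASCII characters encode to more than 16 bytes
    and must be rejected rather than passed on as an SM4 key.
    """
    return 1 if len(key_s.encode('utf-8')) == 16 else 0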
def sm4_enc(value_s, key_s):
    """Encrypt *value_s* with SM4-CBC and return the ciphertext bytes as hex strings.

    Both arguments are text and are encoded as UTF-8 before use. The result
    is a list with one ``hex()`` string per ciphertext byte.

    NOTE(review): the IV is fixed to sixteen zero bytes, so the same key and
    plaintext always give the same ciphertext and equal plaintext prefixes
    stay visible. A fresh random IV per message, stored next to the
    ciphertext, removes that; it needs a matching change in the decryptor.
    NOTE(review): the key is the typed text itself, so it carries only the
    entropy of a 16-character password; a key-derivation step is the usual
    remedy. CBC also gives no integrity protection.
    """
    zero_iv = bytes(16)
    plaintext = bytes(value_s, 'utf-8')
    key = bytes(key_s, 'utf-8')
    sm4 = CryptSM4()
    sm4.set_key(key, SM4_ENCRYPT)
    ciphertext = sm4.crypt_cbc(zero_iv, plaintext)
    return [hex(byte) for byte in func.bytes_to_list(ciphertext)]
def main():
    """Prompt for a key and a plaintext and print the SM4-CBC ciphertext."""
    key_s = input('please input key 128bit_16byte:')
    value_s = input('please input value to encrypt:')
    # Reject the key before any cipher object is created.
    if lentest(key_s) == 0:
        print('error key')
        return
    hex_bytes = sm4_enc(value_s, key_s)
    print('encrypt_value:')
    print('/'.join(hex_bytes))


if __name__ == '__main__':
    main()
from gmssl.sm4 import CryptSM4, SM4_ENCRYPT, SM4_DECRYPT
from gmssl import func
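def lentest(key_s):
    """Return 1 if *key_s* encodes to exactly 16 bytes (128 bits), else 0.

    The decryptor converts the key with ``bytes(key_s, 'utf-8')``, so the
    check is made on the encoded byte length; counting characters would
    accept non-ASCII keys that are longer than 16 bytes once encoded.
    """
    encoded_len = len(key_s.encode('utf-8'))
    if encoded_len == 16:
        return 1
    return 0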
def sm4_dec(encrypt_value_s, key_s):
    """Decrypt '/'-separated hex byte values with SM4-CBC and return the plaintext bytes.

    *encrypt_value_s* is split on '/', each piece is parsed as a base-16
    integer, and the resulting byte string is decrypted with the UTF-8
    encoding of *key_s* and an all-zero IV.

    NOTE(review): the input is parsed without validation; a piece that is
    not hex makes ``int`` raise ValueError. CBC carries no authentication,
    so a modified ciphertext is not detected by this function.
    """
    zero_iv = bytes(16)
    byte_values = [int(piece, 16) for piece in encrypt_value_s.split("/")]
    ciphertext = func.list_to_bytes(byte_values)
    sm4 = CryptSM4()
    sm4.set_key(bytes(key_s, 'utf-8'), SM4_DECRYPT)
    return sm4.crypt_cbc(zero_iv, ciphertext)
def main():
    """Prompt for a key and a hex ciphertext and print the decrypted text."""
    key_s = input('please input key 128bit_16byte:')
    encrypt_value_s = input('please input value(hex,split by "/") to decrypt:')
    if lentest(key_s) == 0:
        print('error key')
        return
    plaintext = sm4_dec(encrypt_value_s, key_s)
    # The decrypted bytes are decoded as UTF-8 for display.
    print('decrypt_value:', str(plaintext, 'utf-8'))


if __name__ == '__main__':
    main()
基于pyopenssl的数字证书解析
import OpenSSL
import time
from dateutil import parser
from gmssl.func import list_to_bytes
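def cer_analysis(ceradd):
    """Parse a PEM certificate file and return its main fields as a flat list.

    Args:
        ceradd: path of the PEM-encoded certificate file.

    Returns:
        A list alternating display labels and values (version, serial
        number, signature algorithm, issuer common name, validity period,
        expiry flag, public-key size, public key in PEM form, name
        components), followed by the extension count.

    This only decodes the file. Nothing here verifies the certificate's
    signature or chain, so every returned field describes untrusted input
    and must not be read as "this certificate is valid".
    """
    # Read the file once and close it; it used to be opened three times
    # without ever being closed.
    with open(ceradd) as cert_file:
        pem_text = cert_file.read()
    cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, pem_text)
    # Debug output kept from the original listing.
    print(type(pem_text))
    print(pem_text)
    print(type(cert))
    print(cert)
    certIssue = cert.get_issuer()
    # get_version() is incremented by one to give the human-readable number.
    version = cert.get_version() + 1
    sernum = hex(cert.get_serial_number())
    signature = cert.get_signature_algorithm().decode("UTF-8")
    comname = certIssue.commonName
    not_before = parser.parse(cert.get_notBefore().decode("UTF-8"))
    starttime = not_before.strftime('%Y-%m-%d %H:%M:%S')
    not_after = parser.parse(cert.get_notAfter().decode("UTF-8"))
    endtime = not_after.strftime('%Y-%m-%d %H:%M:%S')
    # NOTE(review): an unexpired certificate can still be revoked or
    # untrusted; has_expired() says nothing about either.
    flag = cert.has_expired()
    key_bits = cert.get_pubkey().bits()
    public = OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM, cert.get_pubkey()).decode("utf-8")
    ext = cert.get_extension_count()
    # NOTE(review): these are the ISSUER's name components, but the label
    # in the list below reads "subject info"; confirm which was intended.
    components = certIssue.get_components()
    fields = ['证书版本:', version, ' 证书序列号:', sernum, "证书中使用的签名算法: ", signature, "颁发者:", comname, "有效期从:", starttime, "到", endtime, "证书是否已经过期:", flag, "公钥长度", key_bits, "公钥:", public, "主体信息", components, ext]
    return fields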
if __name__ == '__main__':
    # Certificate file expected in the current working directory.
    ceradd = 'cer.crt'
    print(cer_analysis(ceradd))
基于scapy的TLS算法套件解析
from threading import Thread
from scapy.all import *
import requests
import ssl
import socket
# Load scapy's TLS layer; the code below matches and indexes packets by TLS.
load_layer("tls")
# Shared between the two threads: request_url keeps sending requests while
# this is not 1, and main_scapy sets it to 1 once a result has been printed.
flag = 0
#num = int(input('number of packets to capture:'))
def version_test(msg_str):
    """Return the TLS version named in *msg_str*, or 'error' if none is found.

    *msg_str* is the text form of a TLS message; the version is recognised
    by the substring ``version=TLS 1.x``. Versions are tried from 1.0 up to
    1.3 and the first one present wins.
    """
    for version in ('TLS 1.0', 'TLS 1.1', 'TLS 1.2', 'TLS 1.3'):
        if 'version=' + version in msg_str:
            return version
    return 'error'
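def cipher_test(msg_str):
    """Return the ``cipher=<suite>`` token found in *msg_str*, or 'error'.

    *msg_str* is the text form of a TLS message. It is searched for each
    known ``cipher=<name>`` token and the LONGEST token present is returned.
    Several suite names are prefixes of others (``..._CBC_SHA`` and
    ``..._CBC_SHA256``, ``..._CCM`` and ``..._CCM_8``, ``..._NULL_SHA`` and
    ``..._NULL_SHA256``); returning the first hit in list order would report
    the shorter, different suite. When nothing matches, 'error' is returned
    instead of leaving the result unbound.
    """
    suites = ['cipher=TLS_NULL_WITH_NULL_NULL', 'cipher=TLS_RSA_WITH_NULL_MD5', 'cipher=TLS_RSA_WITH_NULL_SHA', 'cipher=TLS_RSA_EXPORT_WITH_RC4_40_MD5', 'cipher=TLS_RSA_WITH_RC4_128_MD5', 'cipher=TLS_RSA_WITH_RC4_128_SHA', 'cipher=TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5', 'cipher=TLS_RSA_WITH_IDEA_CBC_SHA', 'cipher=TLS_RSA_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_RSA_WITH_DES_CBC_SHA', 'cipher=TLS_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_DES_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_DES_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_DES_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_DES_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DH_anon_EXPORT_WITH_RC4_40_MD5', 'cipher=TLS_DH_anon_WITH_RC4_128_MD5', 'cipher=TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA', 'cipher=TLS_DH_anon_WITH_DES_CBC_SHA', 'cipher=TLS_DH_anon_WITH_3DES_EDE_CBC_SHA', 'cipher=Reserved to avoid conflicts with SSLv3', 'cipher=TLS_KRB5_WITH_DES_CBC_SHA', 'cipher=TLS_KRB5_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_KRB5_WITH_RC4_128_SHA', 'cipher=TLS_KRB5_WITH_IDEA_CBC_SHA', 'cipher=TLS_KRB5_WITH_DES_CBC_MD5', 'cipher=TLS_KRB5_WITH_3DES_EDE_CBC_MD5', 'cipher=TLS_KRB5_WITH_RC4_128_MD5', 'cipher=TLS_KRB5_WITH_IDEA_CBC_MD5', 'cipher=TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA', 'cipher=TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA', 'cipher=TLS_KRB5_EXPORT_WITH_RC4_40_SHA', 'cipher=TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5', 'cipher=TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5', 'cipher=TLS_KRB5_EXPORT_WITH_RC4_40_MD5', 'cipher=TLS_PSK_WITH_NULL_SHA', 'cipher=TLS_DHE_PSK_WITH_NULL_SHA', 'cipher=TLS_RSA_PSK_WITH_NULL_SHA', 'cipher=TLS_RSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_AES_128_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_AES_128_CBC_SHA',
        'cipher=TLS_DHE_DSS_WITH_AES_128_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_DH_anon_WITH_AES_128_CBC_SHA', 'cipher=TLS_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_AES_256_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_AES_256_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_DH_anon_WITH_AES_256_CBC_SHA', 'cipher=TLS_RSA_WITH_NULL_SHA256', 'cipher=TLS_RSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_RSA_WITH_AES_256_CBC_SHA256', 'cipher=TLS_DH_DSS_WITH_AES_128_CBC_SHA256', 'cipher=TLS_DH_RSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_DHE_DSS_WITH_AES_128_CBC_SHA256', 'cipher=TLS_RSA_WITH_CAMELLIA_128_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA', 'cipher=TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA', 'cipher=Reserved to avoid conflicts with deployed implementations', 'cipher=Reserved to avoid conflicts', 'cipher=Reserved to avoid conflicts with deployed implementations', 'cipher=Unassigned', 'cipher=Reserved to avoid conflicts with widely deployed implementations', 'cipher=TLS_DHE_RSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_DH_DSS_WITH_AES_256_CBC_SHA256', 'cipher=TLS_DH_RSA_WITH_AES_256_CBC_SHA256', 'cipher=TLS_DHE_DSS_WITH_AES_256_CBC_SHA256', 'cipher=TLS_DHE_RSA_WITH_AES_256_CBC_SHA256', 'cipher=TLS_DH_anon_WITH_AES_128_CBC_SHA256', 'cipher=TLS_DH_anon_WITH_AES_256_CBC_SHA256', 'cipher=Unassigned', 'cipher=TLS_RSA_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA', 'cipher=TLS_PSK_WITH_RC4_128_SHA', 'cipher=TLS_PSK_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_PSK_WITH_AES_128_CBC_SHA', 'cipher=TLS_PSK_WITH_AES_256_CBC_SHA',
        'cipher=TLS_DHE_PSK_WITH_RC4_128_SHA', 'cipher=TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_DHE_PSK_WITH_AES_128_CBC_SHA', 'cipher=TLS_DHE_PSK_WITH_AES_256_CBC_SHA', 'cipher=TLS_RSA_PSK_WITH_RC4_128_SHA', 'cipher=TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_RSA_PSK_WITH_AES_128_CBC_SHA', 'cipher=TLS_RSA_PSK_WITH_AES_256_CBC_SHA', 'cipher=TLS_RSA_WITH_SEED_CBC_SHA', 'cipher=TLS_DH_DSS_WITH_SEED_CBC_SHA', 'cipher=TLS_DH_RSA_WITH_SEED_CBC_SHA', 'cipher=TLS_DHE_DSS_WITH_SEED_CBC_SHA', 'cipher=TLS_DHE_RSA_WITH_SEED_CBC_SHA', 'cipher=TLS_DH_anon_WITH_SEED_CBC_SHA', 'cipher=TLS_RSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_RSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DHE_RSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DHE_RSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DH_RSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DH_RSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DHE_DSS_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DHE_DSS_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DH_DSS_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DH_DSS_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DH_anon_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DH_anon_WITH_AES_256_GCM_SHA384', 'cipher=TLS_PSK_WITH_AES_128_GCM_SHA256', 'cipher=TLS_PSK_WITH_AES_256_GCM_SHA384', 'cipher=TLS_DHE_PSK_WITH_AES_128_GCM_SHA256', 'cipher=TLS_DHE_PSK_WITH_AES_256_GCM_SHA384', 'cipher=TLS_RSA_PSK_WITH_AES_128_GCM_SHA256', 'cipher=TLS_RSA_PSK_WITH_AES_256_GCM_SHA384', 'cipher=TLS_PSK_WITH_AES_128_CBC_SHA256', 'cipher=TLS_PSK_WITH_AES_256_CBC_SHA384', 'cipher=TLS_PSK_WITH_NULL_SHA256', 'cipher=TLS_PSK_WITH_NULL_SHA384', 'cipher=TLS_DHE_PSK_WITH_AES_128_CBC_SHA256', 'cipher=TLS_DHE_PSK_WITH_AES_256_CBC_SHA384', 'cipher=TLS_DHE_PSK_WITH_NULL_SHA256', 'cipher=TLS_DHE_PSK_WITH_NULL_SHA384', 'cipher=TLS_RSA_PSK_WITH_AES_128_CBC_SHA256', 'cipher=TLS_RSA_PSK_WITH_AES_256_CBC_SHA384', 'cipher=TLS_RSA_PSK_WITH_NULL_SHA256', 'cipher=TLS_RSA_PSK_WITH_NULL_SHA384', 'cipher=TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256',
        'cipher=TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256', 'cipher=Unassigned', 'cipher=TLS_EMPTY_RENEGOTIATION_INFO_SCSV', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=TLS_AES_128_GCM_SHA256', 'cipher=TLS_AES_256_GCM_SHA384', 'cipher=TLS_CHACHA20_POLY1305_SHA256', 'cipher=TLS_AES_128_CCM_SHA256', 'cipher=TLS_AES_128_CCM_8_SHA256', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=TLS_FALLBACK_SCSV', 'cipher=Unassigned', 'cipher=TLS_ECDH_ECDSA_WITH_NULL_SHA', 'cipher=TLS_ECDH_ECDSA_WITH_RC4_128_SHA', 'cipher=TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_NULL_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_RC4_128_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDH_RSA_WITH_NULL_SHA', 'cipher=TLS_ECDH_RSA_WITH_RC4_128_SHA', 'cipher=TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDH_RSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDH_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDHE_RSA_WITH_NULL_SHA', 'cipher=TLS_ECDHE_RSA_WITH_RC4_128_SHA', 'cipher=TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDH_anon_WITH_NULL_SHA', 'cipher=TLS_ECDH_anon_WITH_RC4_128_SHA', 'cipher=TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDH_anon_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDH_anon_WITH_AES_256_CBC_SHA',
        'cipher=TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_SRP_SHA_WITH_AES_128_CBC_SHA', 'cipher=TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA', 'cipher=TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA', 'cipher=TLS_SRP_SHA_WITH_AES_256_CBC_SHA', 'cipher=TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA', 'cipher=TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'cipher=TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256', 'cipher=TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECDHE_PSK_WITH_RC4_128_SHA', 'cipher=TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA', 'cipher=TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA', 'cipher=TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA', 'cipher=TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384', 'cipher=TLS_ECDHE_PSK_WITH_NULL_SHA', 'cipher=TLS_ECDHE_PSK_WITH_NULL_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_NULL_SHA384', 'cipher=TLS_RSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_RSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256',
        'cipher=TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DH_anon_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_DH_anon_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_RSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_RSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DH_anon_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DH_anon_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_PSK_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_PSK_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_PSK_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_PSK_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256', 'cipher=TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256',
        'cipher=TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384', 'cipher=TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384', 'cipher=TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256', 'cipher=TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384', 'cipher=TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384',
        'cipher=TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384', 'cipher=TLS_RSA_WITH_AES_128_CCM', 'cipher=TLS_RSA_WITH_AES_256_CCM', 'cipher=TLS_DHE_RSA_WITH_AES_128_CCM', 'cipher=TLS_DHE_RSA_WITH_AES_256_CCM', 'cipher=TLS_RSA_WITH_AES_128_CCM_8', 'cipher=TLS_RSA_WITH_AES_256_CCM_8', 'cipher=TLS_DHE_RSA_WITH_AES_128_CCM_8', 'cipher=TLS_DHE_RSA_WITH_AES_256_CCM_8', 'cipher=TLS_PSK_WITH_AES_128_CCM', 'cipher=TLS_PSK_WITH_AES_256_CCM', 'cipher=TLS_DHE_PSK_WITH_AES_128_CCM', 'cipher=TLS_DHE_PSK_WITH_AES_256_CCM', 'cipher=TLS_PSK_WITH_AES_128_CCM_8', 'cipher=TLS_PSK_WITH_AES_256_CCM_8', 'cipher=TLS_PSK_DHE_WITH_AES_128_CCM_8', 'cipher=TLS_PSK_DHE_WITH_AES_256_CCM_8', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_128_CCM', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_256_CCM', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8', 'cipher=TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8', 'cipher=TLS_ECCPWD_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECCPWD_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECCPWD_WITH_AES_128_CCM_SHA256', 'cipher=TLS_ECCPWD_WITH_AES_256_CCM_SHA384', 'cipher=TLS_SHA256_SHA256', 'cipher=TLS_SHA384_SHA384', 'cipher=Unassigned', 'cipher=TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC', 'cipher=TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC', 'cipher=TLS_GOSTR341112_256_WITH_28147_CNT_IMIT', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_PSK_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256', 'cipher=TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=Unassigned',
        'cipher=TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256', 'cipher=TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384', 'cipher=TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256', 'cipher=Unassigned', 'cipher=TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=Unassigned', 'cipher=Reserved to avoid conflicts with widely deployed implementations', 'cipher=Reserved for Private Use']
    matches = [suite for suite in suites if suite in msg_str]
    if not matches:
        return 'error'
    # max() keeps the first of several equally long matches, so list order
    # still breaks ties.
    return max(matches, key=len)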
def packet_test(msg_str):
    """Classify the text form of a TLS message by handshake type.

    Returns 0 for a client hello, 1 for a server hello and 2 for anything
    else. The client-hello marker is checked first.
    """
    if 'msgtype=client_hello' in msg_str:
        return 0
    if 'msgtype=server_hello' in msg_str:
        return 1
    return 2
#def sniff_packet(num):
#packets = sniff( lfilter=lambda x: TLS in x, count = num)
#return packets
#print(packets.show())
#for i in range(0,num):
#print(packets[i].display())
#print(hexdump(packets[i]))
def get_url_ip(url):
    """Resolve *url* to an IPv4 address, print it and return it.

    Despite the parameter name, the value is passed straight to
    ``socket.gethostbyname``, so it has to be a bare host name.
    """
    resolved = socket.gethostbyname(url)
    print('url_ip:', resolved)
    return resolved
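def request_url(url):
    """Send HTTPS POSTs to *url* until the sniffer reports success.

    Each ``requests.post`` call is a separate request to
    ``https://<url>``, which is what gives the sniffer TLS traffic to
    inspect. The loop ends when the module-level ``flag`` becomes 1.

    The form fields are placeholders. Certificate verification stays at
    the ``requests`` default.
    """
    global flag
    params = {'id': 'id', 'token': 'token'}
    urls = 'https://' + url
    while flag != 1:
        # Without a timeout a stalled connection blocks forever, the loop
        # never re-checks `flag`, and the join() on this thread never
        # returns.
        requests.post(urls, data=params, timeout=5)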
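def main_scapy(url):
    """Capture TLS traffic to *url* and print the offered version and chosen suite.

    Sniffs 40 TLS packets to or from the resolved address, takes the first
    client hello for [client ip, server ip, version], then looks for a
    server hello in the opposite direction and appends its cipher suite.
    On success the four-element list is printed and the module-level
    ``flag`` is set to 1 so the request thread stops; otherwise another
    batch of packets is captured.

    Fixes over the original listing:
      * the retry called ``main_scapy()`` without its argument, which
        raises TypeError; retrying is now a loop;
      * ``li`` was unbound when the capture held no client hello;
      * the global ``flag`` was also used as scratch space for the packet
        type, so any server hello stopped the request thread even when no
        result had been produced. The packet type is now a local value.

    NOTE(review): the version comes from the client hello, i.e. what the
    client put in that message, not what the server negotiated; a TLS 1.3
    client hello carries 1.2 in its version field, so confirm how the TLS
    layer renders it before treating this as the session's version.
    NOTE(review): packet capture normally needs elevated privileges.
    """
    global flag
    ip = get_url_ip(url)
    capture_filter = 'src or dst ' + ip
    num = 40
    while True:
        packets = sniff(filter=capture_filter, lfilter=lambda x: TLS in x, count=num)
        li = []
        # First pass: the client hello fixes both endpoints and the version.
        for pkt in packets:
            msg_str = str(pkt.payload[TLS].msg)
            if packet_test(msg_str) == 0:
                li = [pkt.payload[IP].src, pkt.payload[IP].dst, version_test(msg_str)]
                break
        # Second pass: the server hello travelling in the reverse direction.
        if li:
            for pkt in packets:
                msg_str = str(pkt.payload[TLS].msg)
                if (packet_test(msg_str) == 1
                        and pkt.payload[IP].src == li[1]
                        and pkt.payload[IP].dst == li[0]):
                    li.append(cipher_test(msg_str))
                    break
        if len(li) == 4:
            flag = 1
            print(li)
            return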
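def main():
    """Prompt for a host name and run the requester and the sniffer in parallel.

    The value entered is used both as a host name for DNS resolution and
    as the host part of an ``https://`` URL, so it must be a bare host
    name without scheme or path.
    """
    url = input('目标url:')
    # The file imports `Thread` by name and never imports the `threading`
    # module itself; `threading.Thread` only resolved if the scapy star
    # import happened to expose that name.
    s1 = Thread(target=request_url, args=(url, ))
    s2 = Thread(target=main_scapy, args=(url, ))
    s1.start()
    s2.start()
    s1.join()
    s2.join()


if __name__ == '__main__':
    main()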