[quagga-dev 11145] MD5 packet validation tool

Daniel Walton dwalton at cumulusnetworks.com
Fri Mar 28 19:00:47 GMT 2014


I spent some time fighting a MD5 bug recently and needed a way to determine if the sender was actually generating a bad MD5 signature or if the receiver was just intrepreting it incorrectly.  I wrote a little python tool that will calculate the MD5 signature of a packet.  I couldn't find anything like this online so here it is (attached) in case anyone else has to debug MD5 signatures.

dwalton at hydra-06[~]# ./md5-sanity.py --help
usage: md5-sanity.py [-h] packet signature password

positional arguments:
  packet      A hex dump of the entire packet
  signature   A hex dump of the MD5 signature in the packet
  password    The password for the TCP session

optional arguments:
  -h, --help  show this help message and exit
dwalton at hydra-06[~]#


dwalton at hydra-06[~]# ./md5-sanity.py 00020000000400020000000b080045c0004f547540000106e46f1e0102011e0102028b6e00b3d3678760009393a0a018003ef5a3000001011312c54024f52dcfcc96aa36b737d09d7fd3ffffffffffffffffffffffffffffffff001304 c54024f52dcfcc96aa36b737d09d7fd3 FOO      
IP Header Length: 20
IP Source Address: 30.1.2.1
IP Destination Address: 30.1.2.2
Protocol: 6
TCP Total Length: 59
TCP Header Length: 40
TCP Payload Length: 19

Generate the MD5 signature for the following payload:
1E010201 1E010202 0006003B 8B6E00B3
D3678760 009393A0 A018003E 00000000
FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
00130446 4F4F

This packet contains a valid MD5 signature:
MD5 In Payload  : 0xC54024F52DCFCC96AA36B737D09D7FD3
MD5 Calculated  : 0xC54024F52DCFCC96AA36B737D09D7FD3
dwalton at hydra-06[~]#


Daniel 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: md5-sanity.tar
Type: application/x-tar
Size: 7168 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20140328/783536a8/attachment-0001.tar>


More information about the Quagga-dev mailing list