[quagga-dev 11567] Re: MD5 packet validation tool

Daniel Walton dwalton at cumulusnetworks.com
Wed Oct 8 15:27:40 BST 2014


Sounds good. I'll send it out next week (on vacation this week) 

Daniel 

-----Original Message----- 
From: "Paul Jakma" <paul at jakma.org> 
To: "Daniel Walton" <dwalton at cumulusnetworks.com> 
Cc: quagga-dev at lists.quagga.net 
Sent: Wednesday, October 8, 2014 05:51:21 AM 
Subject: Re: [quagga-dev 11145] MD5 packet validation tool 

Nice. 

Fancy slapping some kind of suitable licence header on it, and we could 
stick it in tools/? :) 

regards, 

Paul 

On Fri, 28 Mar 2014, Daniel Walton wrote: 

> I spent some time fighting a MD5 bug recently and needed a way to determine if the sender was actually generating a bad MD5 signature or if the receiver was just intrepreting it incorrectly. I wrote a little python tool that will calculate the MD5 signature of a packet. I couldn't find anything like this online so here it is (attached) in case anyone else has to debug MD5 signatures. 
> 
> dwalton at hydra-06[~]# ./md5-sanity.py --help 
> usage: md5-sanity.py [-h] packet signature password 
> 
> positional arguments: 
> packet A hex dump of the entire packet 
> signature A hex dump of the MD5 signature in the packet 
> password The password for the TCP session 
> 
> optional arguments: 
> -h, --help show this help message and exit 
> dwalton at hydra-06[~]# 
> 
> 
> dwalton at hydra-06[~]# ./md5-sanity.py 00020000000400020000000b080045c0004f547540000106e46f1e0102011e0102028b6e00b3d3678760009393a0a018003ef5a3000001011312c54024f52dcfcc96aa36b737d09d7fd3ffffffffffffffffffffffffffffffff001304 c54024f52dcfcc96aa36b737d09d7fd3 FOO 
> IP Header Length: 20 
> IP Source Address: 30.1.2.1 
> IP Destination Address: 30.1.2.2 
> Protocol: 6 
> TCP Total Length: 59 
> TCP Header Length: 40 
> TCP Payload Length: 19 
> 
> Generate the MD5 signature for the following payload: 
> 1E010201 1E010202 0006003B 8B6E00B3 
> D3678760 009393A0 A018003E 00000000 
> FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 
> 00130446 4F4F 
> 
> This packet contains a valid MD5 signature: 
> MD5 In Payload : 0xC54024F52DCFCC96AA36B737D09D7FD3 
> MD5 Calculated : 0xC54024F52DCFCC96AA36B737D09D7FD3 
> dwalton at hydra-06[~]# 
> 
> 
> Daniel 
> 
> 

-- 
Paul Jakma paul at jakma.org @pjakma Key ID: 64A2FF6A 
Fortune: 
QOTD: 
"If he learns from his mistakes, pretty soon he'll know everything." 




More information about the Quagga-dev mailing list