[quagga-dev 11573] Re: MD5 packet validation tool

John Fraizer john at op-sec.us
Thu Oct 9 13:57:53 BST 2014


Very nice!

--
John Fraizer
LinkedIn profile: http://www.linkedin.com/in/johnfraizer/



On Wed, Oct 8, 2014 at 10:27 AM, Daniel Walton <dwalton at cumulusnetworks.com>
wrote:

> Sounds good. I'll send it out next week (on vacation this week)
>
> Daniel
>
> -----Original Message-----
> From: "Paul Jakma" <paul at jakma.org>
> To: "Daniel Walton" <dwalton at cumulusnetworks.com>
> Cc: quagga-dev at lists.quagga.net
> Sent: Wednesday, October 8, 2014 05:51:21 AM
> Subject: Re: [quagga-dev 11145] MD5 packet validation tool
>
> Nice.
>
> Fancy slapping some kind of suitable licence header on it, and we could
> stick it in tools/? :)
>
> regards,
>
> Paul
>
> On Fri, 28 Mar 2014, Daniel Walton wrote:
>
> > I spent some time fighting a MD5 bug recently and needed a way to
> determine if the sender was actually generating a bad MD5 signature or if
> the receiver was just intrepreting it incorrectly. I wrote a little python
> tool that will calculate the MD5 signature of a packet. I couldn't find
> anything like this online so here it is (attached) in case anyone else has
> to debug MD5 signatures.
> >
> > dwalton at hydra-06[~]# ./md5-sanity.py --help
> > usage: md5-sanity.py [-h] packet signature password
> >
> > positional arguments:
> > packet A hex dump of the entire packet
> > signature A hex dump of the MD5 signature in the packet
> > password The password for the TCP session
> >
> > optional arguments:
> > -h, --help show this help message and exit
> > dwalton at hydra-06[~]#
> >
> >
> > dwalton at hydra-06[~]# ./md5-sanity.py
> 00020000000400020000000b080045c0004f547540000106e46f1e0102011e0102028b6e00b3d3678760009393a0a018003ef5a3000001011312c54024f52dcfcc96aa36b737d09d7fd3ffffffffffffffffffffffffffffffff001304
> c54024f52dcfcc96aa36b737d09d7fd3 FOO
> > IP Header Length: 20
> > IP Source Address: 30.1.2.1
> > IP Destination Address: 30.1.2.2
> > Protocol: 6
> > TCP Total Length: 59
> > TCP Header Length: 40
> > TCP Payload Length: 19
> >
> > Generate the MD5 signature for the following payload:
> > 1E010201 1E010202 0006003B 8B6E00B3
> > D3678760 009393A0 A018003E 00000000
> > FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
> > 00130446 4F4F
> >
> > This packet contains a valid MD5 signature:
> > MD5 In Payload : 0xC54024F52DCFCC96AA36B737D09D7FD3
> > MD5 Calculated : 0xC54024F52DCFCC96AA36B737D09D7FD3
> > dwalton at hydra-06[~]#
> >
> >
> > Daniel
> >
> >
>
> --
> Paul Jakma paul at jakma.org @pjakma Key ID: 64A2FF6A
> Fortune:
> QOTD:
> "If he learns from his mistakes, pretty soon he'll know everything."
>
> _______________________________________________
> Quagga-dev mailing list
> Quagga-dev at lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20141009/08df83a1/attachment-0001.html>


More information about the Quagga-dev mailing list