test pull

README.md

@@ -1,4 +1,4 @@
-#nogotofail
+# nogotofail
 
 
 Nogotofail is a network security testing tool designed to help developers and
@@ -7,18 +7,18 @@ cleartext traffic on devices and applications in a flexible, scalable, powerful
 It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL
 library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.
 
-##Design
+## Design
 Nogotofail is composed of an on-path network MiTM and optional clients for the devices being tested.
 See [docs/design.md](docs/design.md) for the overview and design goals of nogotofail.
 
-##Dependencies
+## Dependencies
 Nogotofail depends only on Python 2.7 and pyOpenSSL>=0.13. The MiTM is designed to work on Linux
 machines and the transparent traffic capture modes are Linux specific and require iptables as well.
 
 Additionally the Linux client depends on [psutil](https://pypi.python.org/pypi/psutil).
 
-##Getting started
+## Getting started
 See [docs/getting_started.md](docs/getting_started.md) for setup and a walkthrough of nogotofail.
 
-##Discussion
+## Discussion
 For discussion please use our [nogotofail Google Group](https://groups.google.com/forum/#!forum/nogotofail).

docs/design.md

@@ -1,4 +1,4 @@
-#Design Goals
+# Design Goals
 
 
 Nogotofail was designed to be an automated, powerful, flexible and scalable tool
@@ -20,13 +20,13 @@ such that it does not get in the way of using devices as normal. Tests
 that are destructive are by default run only when necessary and with low
 probability.
 
-##The building blocks of nogotofail
+## The building blocks of nogotofail
 
 Nogotofail is centered around an on path man in the middle tool written in python
 with an optional client application to provide additional attribution and
 configuration support.
 
-###Man in The Middle
+### Man in The Middle
 
 The core of nogotofail is the on path network MiTM named nogotofail.mitm that
 intercepts TCP traffic. It is designed to primarily run on path and centers
@@ -36,7 +36,7 @@ nogotofail is completely port agnostic and instead detects vulnerable traffic
 using DPI instead of based on port numbers. Additionally, because it uses DPI,
 it is capable of testing TLS/SSL traffic in protocols that use STARTTLS.
 
-####Why attack probabilistically?
+#### Why attack probabilistically?
 
 Nogotofail does not destructively attack all TLS/SSL connections it sees because
 such attacks lead to non-vulnerable clients aborting attacked connections. If
@@ -56,15 +56,15 @@ devices we’ve seen tend to work as usual.
 Of course, if you want to test a specific connection aggressively you can push
 the probability up to 100%.
 
-####Protocol sensing
+#### Protocol sensing
 
 Protocol sensing for a TLS/SSL testing tool is critical because only attacking
 traffic on port 443 has two flaws. First, it misses TLS/SSL traffic on
 non-standard ports, and second, it fails to test protocols that use STARTTLS.
 
-###Client *(optional)*
+### Client *(optional)*
 
-####Why have a client?
+#### Why have a client?
 
 When testing on real devices it can be very difficult to determine what component or app made a
 vulnerable connection. Even seeing the contents and the destination isn’t always
@@ -83,7 +83,7 @@ Finally, the client receives notifications of vulnerabilities from the MiTM. Thi
 were issues, and it helps you understand exactly what action triggered the
 vulnerability.
 
-####What the client does
+#### What the client does
 
 The client exists to provide additional details about connections, allow the
 client to configure attack settings, and to be notified when vulnerabilities are

docs/gce/build_openvpn.sh

@@ -2,27 +2,22 @@
 
 set -e
 
-OPENVPN_VERSION="2.3.5"
+OPENVPN_VERSION="2.4.2"
 
 # Download OpenVPN and verify the signature on the archive
 rm -f openvpn-$OPENVPN_VERSION.tar.gz*
-wget http://swupdate.openvpn.org/community/releases/openvpn-$OPENVPN_VERSION.tar.gz
-wget http://swupdate.openvpn.org/community/releases/openvpn-$OPENVPN_VERSION.tar.gz.asc
+wget https://swupdate.openvpn.org/community/releases/openvpn-$OPENVPN_VERSION.tar.gz
+wget https://swupdate.openvpn.org/community/releases/openvpn-$OPENVPN_VERSION.tar.gz.asc
 rm -f tmp.keyring*
 gpg --no-default-keyring --keyring ./tmp.keyring --import openvpn-pgp-key.asc
 gpg --no-default-keyring --keyring ./tmp.keyring --verify openvpn-$OPENVPN_VERSION.tar.gz.asc
 rm -f tmp.keyring*
 
-# Download the patch for improved handling of floating clients
-rm -f tlsfloat.2.patch
-wget https://community.openvpn.net/openvpn/raw-attachment/ticket/49/tlsfloat.2.patch
-
-# Unpack, patch, build, and install.
+# Unpack, build, and install.
 rm -Rf openvpn-$OPENVPN_VERSION
 tar zxvf openvpn-$OPENVPN_VERSION.tar.gz
 cd openvpn-$OPENVPN_VERSION
-patch -p1 < ../tlsfloat.2.patch
-./configure
+./configure --prefix=/usr
 make
 sudo make install
 cd -

docs/gce/nogotofail.ovpn.template

@@ -3,8 +3,7 @@ proto udp
 client
 verb 4
 dev tun
-tun-ipv6
-redirect-gateway
+redirect-gateway ipv6
 
 # keepalive 60 120
 ping 60
@@ -14,3 +13,10 @@ persist-tun
 persist-key
 
 comp-lzo
+
+# Accept only server certificates which are whitelisted (via Key Usage and Extended Key Usage) for
+# server authentication
+remote-cert-tls server
+
+# Symmetric tunnel crypto config
+cipher AES-128-GCM

docs/gce/openvpn-client-cert-extfile.cfg

@@ -0,0 +1,2 @@
+keyUsage = digitalSignature, keyAgreement
+extendedKeyUsage = clientAuth

docs/gce/openvpn-pgp-key.asc

@@ -1,30 +1,41 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.9 (GNU/Linux)
+Version: GnuPG v1
 
-mQGiBEsHuu4RBACnPwEKcLYmlwe8v2e8xizlO1fCeqOA7zj6tU/T/1+YTJhrVbgW
-PiRYSNKAmAq0uLFLQ14KpIDsrtdi5ySeUTf64kJtDrBa2si6h0HUyNHf9EX6rUVC
-g/CTpsfYEkqlfMoBH7w7L5O2yidwWA+F4RGWhruzP7i1z+bBsIguSxiBzwCg5qPh
-pgkFGeWArp/OUBHkaqmPZ00D/08dmkrez9d7C/PoR/cFq0nQBqL3zmsRxv66I6fM
-TUqwaRpweWHh9P6XR+pTJjBglVSvk9kLv+PYCvk7yxbT3M6OA/GrSEp/53itlzOU
-MPkv/OF6BmbRbYJK5HAsZgHGbuZxUHUqm4qJ+t4+WZaz9i8WtYbOM6T9aNWQrVUW
-dUMqA/4tZlHJzCrd1NbfEetQVeso9rzzWWWmDAusbvkowfrFHXJGUjfL0hBmxj/9
-JmZtwU+i8G+MKQS0w9rCVLEMLoHLLxPH+Jiknz3Y2xE6CbiSvL+8cvOolgADz/06
-MniHKOZb4tPFPw7ObESeAGp4T9FgT53fJ14AMjGLyHv6EXbfvbQsU2FtdWxpIFNl
-cHDDpG5lbiA8c2FtdWxpLnNlcHBhbmVuQGdtYWlsLmNvbT6IYAQTEQIAIAUCSwe6
-7gIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEMKdl+0ZjSKjsfsAoK6khXtq
-w2xDtNBv/UhRhuVH0NQOAKCDWiB2zYNvHWLYnuIpAlE1sAnGPrkCDQRLB7ruEAgA
-jwSEfTWLJsIW5qlKNEhySIjmRmcVgqB/NTaZ+Nd/r++stYSan1qb7qlQ3B3w48p1
-gB0SPfwKRmMkiYsHNcbRr5KIHWTnYrMI/5OAjPIiz/2j294wRnObzrbJK3T+qJSL
-A2mEXXPPK7i0hUwH12ZJej/h98lPQA+NiDgDOaq4asyq4pcHrR2T2NyiiR2+Xi/L
-2Lz1zKj4iQ3f5g0ktmAEdGcDtV7tI0xZeXWEtesRXeXmqPmjLskJozUoZP1GXXAz
-80PySK2HsEQ/846q1Ybl5KYwbSH+l8jLIyqMDTQnCYG+Ft1moCk3HLyc4c1ALVov
-1Rvom8u3dM5tUtpuZMwcJwADBQf+MCohqLqGJmEdiTEnmggsiKSoZTIBJhcujRaL
-pxPpBlXz6P2bvlprUedBs+zxEEI+Q/CqIlyYaN+Kca1FK4YG9iQoHmb9IIVHf4C/
-lyWSx1xK+BnIk7SEfMjpGAjofNzNc34NmebnosHfP/g3ruLo6EgtjQ68iUty9PgX
-Q1bZQ/SeXk16b8Nn0xQa9S+hg5LAxA+DuSvXbMqU5q2p8JlPgGEFVKzaVcxPhppB
-Kcv/2CxjsqXj/6sW3nFSw+8Jd4SWL1+cPZ1v1WHG3SUMFoLAjSmVj3X8roG5EiLi
-QxSGOUz8uVtvumfKyd25MYmgHMELL7fxhrZcw2OVdo977lt2fIhJBBgRAgAJBQJL
-B7ruAhsMAAoJEMKdl+0ZjSKjgrAAoLeln17YxSQA7RUHwTbquOA92odMAKDiq7c8
-p2hUs3rZaXY1aMmExyB0gQ==
-=l5lk
+mQENBFilZHYBCADGVuvyV9yg2GW7bslnPylaa9cxb3IXmb0qC7hUJueGnz0vLdit
+/fPPPfsI3/hgcQYK1Y8cP5p2Pq+CZL0TVQWBEu2naH2unwxtfNm1EJcWDsky9DzW
+CZQrcZ/v/coaV4UqMTVzGQaxQOzzeaP5nRgdX95dVKqXqsG8wKoIJmBuILAqkOPi
+4EG9NQt2Lbqaiszo3LdsqyeGYK2yc745xBX4UDgIN7XTrXcQDyUOb4dsJynbM+Z9
+8NMQxdA5q0s6BwWSA1xK/gKUCzfF7D1fwWuO2MoedHveB45rOMSFlfVUgr7fa1CR
+zCe7lccu0APfgXrTnNWwWMVoQMO8HIyk2iGnABEBAAG0JVNhbXVsaSBTZXBww6Ru
+ZW4gPHNhbXVsaUBvcGVudnBuLm5ldD6JATgEEwECACIFAlilZtwCGwMGCwkIBwMC
+BhUIAgkKCwQWAgMBAh4BAheAAAoJEClYTZ9AhkV46tEH/Aot7SnpcLHpEkkCX7Jm
+ERrWuqIwYJp7fQlbOPAVZG1+iC/3KlhYxHmH1/Dj6rP3LEEfWpCQSHSbBFkzPtZ6
+AGnEfaxovXjso/tgnAAjYnxy9R0+1t0g5T6anXzCAjl3+mOssjzWBICBDZaFW9Rd
+R47vCA92Fp9kAy3N+AMOv1HfTabaPo6p8HbaBSUQtgdOrfoBSXaFzaPSp8uwonQW
+xRvpG91XtDrEoQio13460025ww+sZe5mIH4c7xhKBEZPswO2xnFszcFp3u12Glbj
+eloAn8oxNycEuw11DfsHf2ctlbQCOLlJJxh2MND5SyL0SjCWMqO7v2c8UUUe4igS
+xeuIRgQQEQIABgUCWKVo6wAKCRDCnZftGY0ioxDUAJ45kbXxCH3hiUexMvlJzvgN
+mZmpyACg0UKbcmHUiFhnhyjtTTmAS5TjB8G0LFNhbXVsaSBTZXBww6RuZW4gPHNh
+bXVsaS5zZXBwYW5lbkBnbWFpbC5jb20+iQE4BBMBAgAiBQJYpWR2AhsDBgsJCAcD
+AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRApWE2fQIZFeLAeB/9lGhVfON8TR6o6+lbm
+GslU2xqV3PQ3hVuAlEttxpP4hCTKU0PwLLb7gtc0UF642qyB7ho2RtU+bg1tiq5z
+R93Ka92Aex4yJDI4viEJ04MTX2WLRv6ogGTRrytIqmYGbYHTFXlnMnQD7Tf+O4sv
+8tJj5gguB/zT8MXQGqU6zq9CF6b3XXdPSITkC7df/CU425HI4V5HvluC/4GrzFZI
+za4Hv/d8G1tXzHXDqoLIBdS44g6GRdXak3PfROKsuk7sG/MmtfbfUPnyBI+yaGQk
+jhlj3BRY0b1dg7T5SiZ6NoMXFH9zKEh7KnG8CaoqiNWDSp2sazy8kbZR5HUp2jOt
+yXmgiEYEEBECAAYFAlilaOsACgkQwp2X7RmNIqOStQCePGpvkvmpISX4fR+lGAlt
+VtWf3XgAmwQTECYXlq3NMdefzLxA5dnxstlEuQENBFilZHYBCADEe46V63aYL+VL
+nZbmBz78KA0fOb5qopFQsOp79FdCQevGXa6JtdibaOLhWUiaMNgkGXma0rSzv/yc
+kDX310JSSrNvbXtbn29MdmCZhWum3lT0bhHltF2w23ha913AEneUq1TAESZz74zJ
+wGtoej7f2H0e3qjOKtwIzItnHRQSHXFRZUh1IRbZAqXQKqRRWiYVLG3pgF1iC9gA
+jLcihK9P89G8jUmB8Ko+9Guw6JszKN+l5SVuK+ttrKCRi8hrkOIiazQUL4gu9PZs
+aGPxNdwnzKGHGZKT0WglXavZFMWHunb6I9/CrCK3ekyHWAvYF7IY95r4SH+CtKqj
+QoW8fOeVABEBAAGJAR8EGAECAAkFAlilZHYCGwwACgkQKVhNn0CGRXiO1QgAh3/I
+EELh+pTiII5IiolHXEKEmgJ6WUU4RzM26Pfv3yMQKqUKBeEvKc21ZWmMKzPWXOE8
+1np7DVXcp0ayiXrfGheGbXSpFP5WGlquYdYjVegBgRJ+v/r/QR+Oy2kbq0lsWuNz
+Eia08fEHr7PM7mct0d1rFVuSS1m+1YOZNN8e/eSox84HvboSq6xk+3IC1NGXXdUQ
+qObWceUyU0KmmBFMV86pUgI/YbA2uMxkFK8XGsOqMgTBdBWHTTcSOfmPsu/04zDl
+MuQ+GC2WcUHoTtxytA432TzOixF5wfunqTzXeZxAybQPkETmAFgHT0BmUVShwPQ0
+XuwT7RpGDZ6jBfphYQ==
+=FKLE
 -----END PGP PUBLIC KEY BLOCK-----

docs/gce/openvpn-server-cert-extfile.cfg

@@ -0,0 +1,2 @@
+keyUsage = digitalSignature, keyAgreement
+extendedKeyUsage = serverAuth

docs/gce/openvpn.conf

@@ -3,6 +3,7 @@ proto udp
 
 dev tun
 server 10.8.0.0 255.255.255.0
+server-ipv6 fd12:3456:789a:bcde::/64
 topology subnet
 
 # Because GCE doesn't support IPv6 we
@@ -11,16 +12,6 @@ topology subnet
 # This forces clients to switch to using IPv4 addresses.
 push "dhcp-option DNS 10.8.0.1"
 
-# Blackhole IPv6 traffic because GCE does not support IPv6.
-# This is achieved by making OpenVPN server have a fake IPv6 address
-# (otherwise OpenVPN server will not push IPv6 information to
-# client) and pushing a route to the client to blackhole IPv6 traffic
-# client-side.
-server-ipv6 2001:db8:123::/64
-# OpenVPN 2.3 doesn't work well with IPv6. Push a route to client
-# to blackhole IPv6 traffic on the client.
-push "route-ipv6 2000::/3"
-
 # Enabling floating mode to work around the issue where
 # some clients's source IP+port may change mid-session because
 # of NAT.
@@ -57,4 +48,9 @@ ca /etc/openvpn/ca_cert.pem
 cert /etc/openvpn/server_cert.pem
 key /etc/openvpn/server_key.pem
 
-dh /etc/openvpn/dhparam2048.pem
+dh none
+
+tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
+
+# Symmetric tunnel crypto config
+cipher AES-256-GCM

docs/gce/readme.md

@@ -1,4 +1,4 @@
-#Nogotofail MiTM on Google Compute Engine VM instance
+# Nogotofail MiTM on Google Compute Engine VM instance
 
 ## Overview
 In this setup, traffic from clients to be MiTM'd is routed through a Google

docs/gce/setup_openvpn.sh

@@ -20,17 +20,15 @@ echo "Generating server public key pair and certificate..."
 openssl genrsa -out $CONFIG_DIR/server_key.pem 2048
 openssl req -new -key $CONFIG_DIR/server_key.pem -out $CONFIG_DIR/server_csr.pem -subj '/CN=server.vpn.nogotofail'
 chmod 600 $CONFIG_DIR/server_key.pem
-openssl x509 -req -in $CONFIG_DIR/server_csr.pem -CA $CONFIG_DIR/ca_cert.pem -CAkey $CONFIG_DIR/ca_key.pem -CAcreateserial -out $CONFIG_DIR/server_cert.pem -sha256 -days 365
+openssl x509 -req -in $CONFIG_DIR/server_csr.pem -CA $CONFIG_DIR/ca_cert.pem -CAkey $CONFIG_DIR/ca_key.pem -CAcreateserial -out $CONFIG_DIR/server_cert.pem -sha256 -days 365 -extfile openvpn-server-cert-extfile.cfg
 rm $CONFIG_DIR/server_csr.pem
 
 echo "Generating client public key pair and certificate..."
 openssl genrsa -out $CONFIG_DIR/client_key.pem 2048
 openssl req -new -key $CONFIG_DIR/client_key.pem -out $CONFIG_DIR/client_csr.pem -subj '/CN=client.vpn.nogotofail'
-openssl x509 -req -in $CONFIG_DIR/client_csr.pem -CA $CONFIG_DIR/ca_cert.pem -CAkey $CONFIG_DIR/ca_key.pem -CAcreateserial -out $CONFIG_DIR/client_cert.pem -sha256 -days 365
+openssl x509 -req -in $CONFIG_DIR/client_csr.pem -CA $CONFIG_DIR/ca_cert.pem -CAkey $CONFIG_DIR/ca_key.pem -CAcreateserial -out $CONFIG_DIR/client_cert.pem -sha256 -days 365 -extfile openvpn-client-cert-extfile.cfg
 rm $CONFIG_DIR/client_csr.pem
 
-openssl dhparam 2048 > $CONFIG_DIR/dhparam2048.pem
-
 cp "$SRC_DIR/openvpn.conf" $CONFIG_DIR/
 
 # Determine external IP address of this host.

docs/getting_started.md

@@ -1,10 +1,10 @@
-#Getting Started
-##Files you’ll need to provide
+# Getting Started
+## Files you’ll need to provide
 
 
 Before running nogotofail there are some files you’ll need to create or provide.
 
-###MiTM Server certificate
+### MiTM Server certificate
 
 
 The connection between clients and the MiTM is protected by a self-signed
@@ -16,12 +16,12 @@ For example the OpenSSL command to generate such a certificate is:
 
     $ openssl req -x509 -newkey rsa:2048 -sha256 -subj "/CN=mitm.nogotofail/" -nodes -keyout server.crt -out server.crt
 
-###Invalid Hostname Certificate
+### Invalid Hostname Certificate
 
 The Invalid hostname attack attempts a MiTM by presenting a trusted certificate
 for another domain name. For example a trusted certificate for evil.com being
 presented for a connection to example.com. If the application does not do
-hostname verification correctly it will incorrect trust the MiTM. This has
+hostname verification correctly, it will incorrectly trust the MiTM. This has
 historically been one of the common SSL issues besides not checking chain of
 trust of SSL certificates.  To test for this issue you will need to provide a
 trusted certificate chain for an arbitrary domain. You have two options for how
@@ -44,13 +44,13 @@ To verify the chain is correct
     $ openssl verify -CApath /etc/ssl/certs/ -untrusted trusted-cert.pem trusted-cert.pem
 You should see OK as the output.
 
-###ImageReplace Image
+### ImageReplace Image
 
 If you decide to use the image replacement data attack you’ll need to provide an image to
 replace with in the form of replace.png in nogotofail.mitm’s working directory.
 We recommend something noticeable that scales well.
 
-##Example Walkthrough
+## Example Walkthrough
 
 
 Here is a quick walkthrough of running and testing the MiTM locally.
@@ -171,7 +171,7 @@ attack for later analysis.
 6. The connection closes
 
 
-###Getting on path
+### Getting on path
 
 
 Now that you’ve set up nogotofail and seen how it runs the next step is to put
@@ -199,15 +199,15 @@ OpenVPN as there is lots of documentation for how to set up an OpenVPN server.
 Our main setup has been OpenVPN running on a Google Compute Engine instance. See instructions in
 [gce/readme.md](gce/readme.md).
 
-####Testing Android
+#### Testing Android
 For testing Android devices we have included our [Android client](/nogotofail/clients/android) ready
 to be imported into Eclipse. You will have to build the app and install it on your test device.
 
 For testing you can use the access point nogotofail setups or on  devices >=JB you can use
 the OpenVPN setup and a third party VPN application to route your traffic.
 
 
-#####Getting on path on a Linux machine
+##### Getting on path on a Linux machine
 On a Linux machine with the following example topology:
 
 
@@ -237,7 +237,7 @@ Now traffic will be flowing through the MiTM box from the test device to the
 Internet.
 
 
-###Now you’re on path
+### Now you’re on path
 
 
 By default clients connect to the MiTM using hostname mitm.nogotofail
@@ -255,7 +255,7 @@ in [example.conf](example.conf), and run it with `python -m nogotofail.mitm -c <
 If you’re running in an iptables mode you’ll also need to run nogotofail.mitm as
 root so it can set up the routing rules to intercept traffic.
 
-####Useful arguments
+#### Useful arguments
 
 
 
@@ -286,7 +286,7 @@ important ones you’ll want to tweak.
 
  You can see all the options by running `python -m nogotofail.mitm --help`.
 
-#####Logging
+##### Logging
 
 
 Additionally, you will probably want to log to files in addition to stdout.