-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtofu_mitm.py
59 lines (46 loc) · 1.66 KB
/
tofu_mitm.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
from poorman_handshake import HandShake
"""
In this example the RSA keys are static
On every new handshake the same private keys are used
the public keys were exchanged insecurely
can verify you are communicating with the same node you first got the keys from
still vulnerable to MitM on initial connection
"""
path_to_bob_key = "bob.asc"
path_to_alice_key = "alice.asc"
bob = HandShake(path_to_bob_key)
alice = HandShake(path_to_alice_key)
# eve is our MitM,
# pretends to be bob when talking to alice,
# and pretends to be alice when talking to bob
eve = HandShake()
#### Insecure communication starts here
def do_the_shake(alice, bob):
# exchange public keys over any insecure channel
# trust on first use
if not bob.target_key:
bob.load_public(alice.pubkey)
print("Bob now trusts Alice")
if not alice.target_key:
alice.load_public(bob.pubkey)
print("Alice now trusts Bob")
# exchange handshakes (encrypted with pubkey) over any insecure channel
alice_shake = alice.generate_handshake()
bob_shake = bob.generate_handshake()
# read and verify handshakes
bob.receive_and_verify(alice_shake)
alice.receive_and_verify(bob_shake)
print("Success", bob.secret.hex())
do_the_shake(alice, bob) # trust established
eve.load_public(alice.pubkey) # eve pretends to be bob
try:
do_the_shake(alice, eve)
except:
print("alice did not trust eve") # MitM failed
alice.target_key = None # undo alice/bob handshake
do_the_shake(alice, eve) # eve does the handshake before bob
print("alice thinks eve is bob") # MitM success
try:
do_the_shake(alice, bob)
except:
print("alice did not trust the real bob")