summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2015-08-31 16:36:29 +0200
committerDimitri Sokolyuk <demon@dim13.org>2015-08-31 16:36:29 +0200
commit8040ab81e7072dade256ba2664934ca39a635e67 (patch)
treef99ed84edc35c64ebc5e5da2b4310a077d8fe0aa
Initial import
-rw-r--r--cert.pem30
-rw-r--r--cert.txt91
-rw-r--r--client.pem25
-rw-r--r--client.txt76
-rw-r--r--main.go152
-rw-r--r--server.pem25
-rw-r--r--server.txt76
7 files changed, 475 insertions, 0 deletions
diff --git a/cert.pem b/cert.pem
new file mode 100644
index 0000000..0ae844f
--- /dev/null
+++ b/cert.pem
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFGzCCAwOgAwIBAgIIMAHyTIhy7wYwDQYJKoZIhvcNAQELBQAwGzEZMBcGA1UE
+AwwQQlRDIFBpw7FhdGEgVGVhbTAeFw0xNTA3MDMxNTIwMjNaFw0yNTA2MzAxNTIw
+MjNaMBsxGTAXBgNVBAMMEEJUQyBQacOxYXRhIFRlYW0wggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCdFUbuhY6Mss23E0E1606NgP41FlmU3j4XSaRvUlUm
+ne+RjcVfXy+2e++KDi0EQp/ZgvlbRPvzTUjwX4MV0baxQaVXx0gSPFpQPrPmyD3z
+66KRtFCNnhlVmxiXNE598aMwwTv4akMZlF4N0nPSWE5udzLgeqajyGBfTMxYr+LQ
+SgOKVZWxrOKdBvll+Nenpog9R2b2qK/FBzzFBmCyf2tve53C2e4vwPXloPk40Xok
+QLIC2VQbdQzb9Nc+MgQZJFVrMdd9yqJoTyWVKwjUxQZtj6C7ZzyC9FctOzMoaRbK
+CcgfuwfCqcm9jtbVOnGUXy+YfFgFFcvWqVYArF+FV6JszIoQIPMWzJknoadzKbFT
+D+XnbobnrO1lWHnzkI/m6A/thMr/bJuoeW75YP5cJJuEiXiIzvqrpOkHQTfgEBdR
+5aiyk7Oy/zfoS9gN5+jbmg+/zdSwsnhwp4skvVpKMiDRMw1SUK7z1Dv4KEHZtYuO
+upl9uqu1UF5eICdOJG6+kEzVrKbaXIkmUFjI+wIVJdJmulA+YiDw4Wpdr7lDNBmM
++UMwYhJPL/7U0E4spJAosmKSoUrf8bmlXzwmpkTm2adriPFoE5P3fnrlg26VpNpG
+faD3Sz170vcOUMJ9MGXMAzv3h3HnjzsdNMzTdicF8GlRcDB8uNleMLeMAnkQwYrX
+RQIDAQABo2MwYTAfBgNVHSMEGDAWgBQJ/2W6E0N3XEFSdab0k8TFBIAzCTAdBgNV
+HQ4EFgQUCf9luhNDd1xBUnWm9JPExQSAMwkwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAcYwDQYJKoZIhvcNAQELBQADggIBAFbVC4DmRBfo0Ci12XPeyvRP
+e2SlptzQ7Hznfr+NEyRFHYlNc2ITHCSGz/dg9BJlMxU/+qtevS774WmEcNAdo167
+dagVo78N46jKLTLiZNMflikuV93UcPDtUVLF7mSnSe3yYJFora0krKVPxSuE/uC2
+yka3e1waduC1zJ0OP/Rk98UywzG/Buoops5yi0ZP018lErfa6RWY87OHOPy1mGiN
+3EPKEnw3klxV6QCP2OSHKbzhpxmk11m17Vkrpf37QspBMS2mFRVC+u6Qj3mhxg8g
+MVQtc3PZwi6ZaK9wCzuGJ/oVAh+GqoHoNH00w0SktM2uhcwUkECx5OHTzwY5q6uu
+BNUFs/ulwEXq4VOgcYPgP4d/4j1LscHqmfLMHMWxrsvpLkKju+oNhvGG87C2mMoe
+fa+vaPCvjNJXBaCORfJrVY6kBRtjUS+GOzp6Kutc1bMvEjtw1fYbjKdarRH/dRVn
+XkQjk9y6L34dDi8LAhb3c7hfPdU9inOw3avAK+gru3oZXBNDH/M4sjJOXQAmlmaC
+m6ws7AHe49OPjupE6HzjFId8RWSC3sUdDWs6e/LvFzWorpWhJHGj/iR5Fk7QAQQE
+3vO8MTOTl6y67/FxZrk9wPlFCRUpnx240RhoEpfaDEHHCvAqpVDLTiepj707Udr0
+uWdtwtlBtMGF1jgGKIrO
+-----END CERTIFICATE-----
diff --git a/cert.txt b/cert.txt
new file mode 100644
index 0000000..8ad84f4
--- /dev/null
+++ b/cert.txt
@@ -0,0 +1,91 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 30:01:f2:4c:88:72:ef:06
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=BTC Pi\xC3\xB1ata Team
+ Validity
+ Not Before: Jul 3 15:20:23 2015 GMT
+ Not After : Jun 30 15:20:23 2025 GMT
+ Subject: CN=BTC Pi\xC3\xB1ata Team
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (4096 bit)
+ Modulus (4096 bit):
+ 00:9d:15:46:ee:85:8e:8c:b2:cd:b7:13:41:35:eb:
+ 4e:8d:80:fe:35:16:59:94:de:3e:17:49:a4:6f:52:
+ 55:26:9d:ef:91:8d:c5:5f:5f:2f:b6:7b:ef:8a:0e:
+ 2d:04:42:9f:d9:82:f9:5b:44:fb:f3:4d:48:f0:5f:
+ 83:15:d1:b6:b1:41:a5:57:c7:48:12:3c:5a:50:3e:
+ b3:e6:c8:3d:f3:eb:a2:91:b4:50:8d:9e:19:55:9b:
+ 18:97:34:4e:7d:f1:a3:30:c1:3b:f8:6a:43:19:94:
+ 5e:0d:d2:73:d2:58:4e:6e:77:32:e0:7a:a6:a3:c8:
+ 60:5f:4c:cc:58:af:e2:d0:4a:03:8a:55:95:b1:ac:
+ e2:9d:06:f9:65:f8:d7:a7:a6:88:3d:47:66:f6:a8:
+ af:c5:07:3c:c5:06:60:b2:7f:6b:6f:7b:9d:c2:d9:
+ ee:2f:c0:f5:e5:a0:f9:38:d1:7a:24:40:b2:02:d9:
+ 54:1b:75:0c:db:f4:d7:3e:32:04:19:24:55:6b:31:
+ d7:7d:ca:a2:68:4f:25:95:2b:08:d4:c5:06:6d:8f:
+ a0:bb:67:3c:82:f4:57:2d:3b:33:28:69:16:ca:09:
+ c8:1f:bb:07:c2:a9:c9:bd:8e:d6:d5:3a:71:94:5f:
+ 2f:98:7c:58:05:15:cb:d6:a9:56:00:ac:5f:85:57:
+ a2:6c:cc:8a:10:20:f3:16:cc:99:27:a1:a7:73:29:
+ b1:53:0f:e5:e7:6e:86:e7:ac:ed:65:58:79:f3:90:
+ 8f:e6:e8:0f:ed:84:ca:ff:6c:9b:a8:79:6e:f9:60:
+ fe:5c:24:9b:84:89:78:88:ce:fa:ab:a4:e9:07:41:
+ 37:e0:10:17:51:e5:a8:b2:93:b3:b2:ff:37:e8:4b:
+ d8:0d:e7:e8:db:9a:0f:bf:cd:d4:b0:b2:78:70:a7:
+ 8b:24:bd:5a:4a:32:20:d1:33:0d:52:50:ae:f3:d4:
+ 3b:f8:28:41:d9:b5:8b:8e:ba:99:7d:ba:ab:b5:50:
+ 5e:5e:20:27:4e:24:6e:be:90:4c:d5:ac:a6:da:5c:
+ 89:26:50:58:c8:fb:02:15:25:d2:66:ba:50:3e:62:
+ 20:f0:e1:6a:5d:af:b9:43:34:19:8c:f9:43:30:62:
+ 12:4f:2f:fe:d4:d0:4e:2c:a4:90:28:b2:62:92:a1:
+ 4a:df:f1:b9:a5:5f:3c:26:a6:44:e6:d9:a7:6b:88:
+ f1:68:13:93:f7:7e:7a:e5:83:6e:95:a4:da:46:7d:
+ a0:f7:4b:3d:7b:d2:f7:0e:50:c2:7d:30:65:cc:03:
+ 3b:f7:87:71:e7:8f:3b:1d:34:cc:d3:76:27:05:f0:
+ 69:51:70:30:7c:b8:d9:5e:30:b7:8c:02:79:10:c1:
+ 8a:d7:45
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ keyid:09:FF:65:BA:13:43:77:5C:41:52:75:A6:F4:93:C4:C5:04:80:33:09
+
+ X509v3 Subject Key Identifier:
+ 09:FF:65:BA:13:43:77:5C:41:52:75:A6:F4:93:C4:C5:04:80:33:09
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 56:d5:0b:80:e6:44:17:e8:d0:28:b5:d9:73:de:ca:f4:4f:7b:
+ 64:a5:a6:dc:d0:ec:7c:e7:7e:bf:8d:13:24:45:1d:89:4d:73:
+ 62:13:1c:24:86:cf:f7:60:f4:12:65:33:15:3f:fa:ab:5e:bd:
+ 2e:fb:e1:69:84:70:d0:1d:a3:5e:bb:75:a8:15:a3:bf:0d:e3:
+ a8:ca:2d:32:e2:64:d3:1f:96:29:2e:57:dd:d4:70:f0:ed:51:
+ 52:c5:ee:64:a7:49:ed:f2:60:91:68:ad:ad:24:ac:a5:4f:c5:
+ 2b:84:fe:e0:b6:ca:46:b7:7b:5c:1a:76:e0:b5:cc:9d:0e:3f:
+ f4:64:f7:c5:32:c3:31:bf:06:ea:28:a6:ce:72:8b:46:4f:d3:
+ 5f:25:12:b7:da:e9:15:98:f3:b3:87:38:fc:b5:98:68:8d:dc:
+ 43:ca:12:7c:37:92:5c:55:e9:00:8f:d8:e4:87:29:bc:e1:a7:
+ 19:a4:d7:59:b5:ed:59:2b:a5:fd:fb:42:ca:41:31:2d:a6:15:
+ 15:42:fa:ee:90:8f:79:a1:c6:0f:20:31:54:2d:73:73:d9:c2:
+ 2e:99:68:af:70:0b:3b:86:27:fa:15:02:1f:86:aa:81:e8:34:
+ 7d:34:c3:44:a4:b4:cd:ae:85:cc:14:90:40:b1:e4:e1:d3:cf:
+ 06:39:ab:ab:ae:04:d5:05:b3:fb:a5:c0:45:ea:e1:53:a0:71:
+ 83:e0:3f:87:7f:e2:3d:4b:b1:c1:ea:99:f2:cc:1c:c5:b1:ae:
+ cb:e9:2e:42:a3:bb:ea:0d:86:f1:86:f3:b0:b6:98:ca:1e:7d:
+ af:af:68:f0:af:8c:d2:57:05:a0:8e:45:f2:6b:55:8e:a4:05:
+ 1b:63:51:2f:86:3b:3a:7a:2a:eb:5c:d5:b3:2f:12:3b:70:d5:
+ f6:1b:8c:a7:5a:ad:11:ff:75:15:67:5e:44:23:93:dc:ba:2f:
+ 7e:1d:0e:2f:0b:02:16:f7:73:b8:5f:3d:d5:3d:8a:73:b0:dd:
+ ab:c0:2b:e8:2b:bb:7a:19:5c:13:43:1f:f3:38:b2:32:4e:5d:
+ 00:26:96:66:82:9b:ac:2c:ec:01:de:e3:d3:8f:8e:ea:44:e8:
+ 7c:e3:14:87:7c:45:64:82:de:c5:1d:0d:6b:3a:7b:f2:ef:17:
+ 35:a8:ae:95:a1:24:71:a3:fe:24:79:16:4e:d0:01:04:04:de:
+ f3:bc:31:33:93:97:ac:ba:ef:f1:71:66:b9:3d:c0:f9:45:09:
+ 15:29:9f:1d:b8:d1:18:68:12:97:da:0c:41:c7:0a:f0:2a:a5:
+ 50:cb:4e:27:a9:8f:bd:3b:51:da:f4:b9:67:6d:c2:d9:41:b4:
+ c1:85:d6:38:06:28:8a:ce
diff --git a/client.pem b/client.pem
new file mode 100644
index 0000000..d4b8573
--- /dev/null
+++ b/client.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIELzCCAhegAwIBAgIJANO1ZKwuZdAdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
+BAMMEEJUQyBQacOxYXRhIFRlYW0wHhcNMTUwNzAzMTUyNTMyWhcNMTYwNzAyMTUy
+NTMyWjAZMRcwFQYDVQQDDA5QacOxYXRhIGNsaWVudDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAKjTsy3/FJ8++11j3wibgxcHcmxezf6PXhYT1eX0xMC9
+7FGIEw/XcDMplbhd7blAZz0MZ2czGwkWn3ZYN2Jjb/41PVFnzFlRdlRE9TGMu16w
+3m5UUKRdDwQlOhL+MkgJDDN4n66/bT3tLW1ARdjKWDl/DnKrH7rCvrNbBoVMJifg
+i7WDIYmLI/3P86PrPloruU/xR/IUZr7jmlQhfBtQ3wNiccpJUa8jFx2OF3MelbmQ
+Cdqbljsp+x7DbR1iyGy5B8nVp6jJnyfIm+2dCVfvPKFEOk26/mjnrd7SK5dQ42w5
+KV1lAcrtUl4qm7A1Vnf9q+Kbe5X6O9HiBEuH7UWstMECAwEAAaN4MHYwHwYDVR0j
+BBgwFoAUCf9luhNDd1xBUnWm9JPExQSAMwkwHQYDVR0OBBYEFNJKNm5zlTzNe2jJ
++/Nz8m0ajfqvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB
+/wQMMAoGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQCCeuRnJ23wvQ1CRb3T
+ul28HE45+UZ6Q3qt35SkI48YD1C6dGFTR11RaCTNi2kCsM/xL/u90eoyH91PR8aS
+gQ5Ftz/Cc0uoOIIHgrzWa92WRriHNgNVEj1X3jiTi/qDklZ+j0it1noWGoBVrpUb
+zpseET23EyMjIU/2L/pbwFPhxJ1gEZwBGeZoDBn1axTl1dTvdUiCnHLczF4bQScJ
+6gOpF01tC/q2CHgI4Ql4o3zWh+IlmzfXdbUZImhyojl9ih/tANR79nwuqQG63/I7
+PGwniG1o8fbqerbHmAYJ/TTjHUbl2nCoR/IdbGxjgmfZBVYV6HnAJWQmb69mM4UY
+tvrm/dK5O6AXAgsEP/ccpfHxIjsArDR43CJoeSq7KYx84bq1SOs7C/IZwUZFcKvG
+eeeeS/8D2cSPjt4405anpG1RfZiGCP++zw8IwJ6u9L4a5Uy4YJs0TTRA/atpcwdZ
+nUe9HR+VDe15ZbDRcJvHDCxgr5l4m5huHhwNF5MI8yL2A8+85vIhuBexpKj52agj
+bt3y84FvrNK1aobFlPDeruovERB47g87OUpr97aCODSVRWSgazQiVxK0d0daV0rY
+6MUIhsciIeKoyDMu01LvsoWd62UqfxLpX8iasdLvcIVF7kNKrMgATNcciHtDOivP
+73NBZ+9ioWfC49anP5sCEj936g==
+-----END CERTIFICATE-----
diff --git a/client.txt b/client.txt
new file mode 100644
index 0000000..e03a46e
--- /dev/null
+++ b/client.txt
@@ -0,0 +1,76 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ d3:b5:64:ac:2e:65:d0:1d
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=BTC Pi\xC3\xB1ata Team
+ Validity
+ Not Before: Jul 3 15:25:32 2015 GMT
+ Not After : Jul 2 15:25:32 2016 GMT
+ Subject: CN=Pi\xC3\xB1ata client
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:a8:d3:b3:2d:ff:14:9f:3e:fb:5d:63:df:08:9b:
+ 83:17:07:72:6c:5e:cd:fe:8f:5e:16:13:d5:e5:f4:
+ c4:c0:bd:ec:51:88:13:0f:d7:70:33:29:95:b8:5d:
+ ed:b9:40:67:3d:0c:67:67:33:1b:09:16:9f:76:58:
+ 37:62:63:6f:fe:35:3d:51:67:cc:59:51:76:54:44:
+ f5:31:8c:bb:5e:b0:de:6e:54:50:a4:5d:0f:04:25:
+ 3a:12:fe:32:48:09:0c:33:78:9f:ae:bf:6d:3d:ed:
+ 2d:6d:40:45:d8:ca:58:39:7f:0e:72:ab:1f:ba:c2:
+ be:b3:5b:06:85:4c:26:27:e0:8b:b5:83:21:89:8b:
+ 23:fd:cf:f3:a3:eb:3e:5a:2b:b9:4f:f1:47:f2:14:
+ 66:be:e3:9a:54:21:7c:1b:50:df:03:62:71:ca:49:
+ 51:af:23:17:1d:8e:17:73:1e:95:b9:90:09:da:9b:
+ 96:3b:29:fb:1e:c3:6d:1d:62:c8:6c:b9:07:c9:d5:
+ a7:a8:c9:9f:27:c8:9b:ed:9d:09:57:ef:3c:a1:44:
+ 3a:4d:ba:fe:68:e7:ad:de:d2:2b:97:50:e3:6c:39:
+ 29:5d:65:01:ca:ed:52:5e:2a:9b:b0:35:56:77:fd:
+ ab:e2:9b:7b:95:fa:3b:d1:e2:04:4b:87:ed:45:ac:
+ b4:c1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ keyid:09:FF:65:BA:13:43:77:5C:41:52:75:A6:F4:93:C4:C5:04:80:33:09
+
+ X509v3 Subject Key Identifier:
+ D2:4A:36:6E:73:95:3C:CD:7B:68:C9:FB:F3:73:F2:6D:1A:8D:FA:AF
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment
+ X509v3 Extended Key Usage: critical
+ TLS Web Client Authentication
+ Signature Algorithm: sha256WithRSAEncryption
+ 82:7a:e4:67:27:6d:f0:bd:0d:42:45:bd:d3:ba:5d:bc:1c:4e:
+ 39:f9:46:7a:43:7a:ad:df:94:a4:23:8f:18:0f:50:ba:74:61:
+ 53:47:5d:51:68:24:cd:8b:69:02:b0:cf:f1:2f:fb:bd:d1:ea:
+ 32:1f:dd:4f:47:c6:92:81:0e:45:b7:3f:c2:73:4b:a8:38:82:
+ 07:82:bc:d6:6b:dd:96:46:b8:87:36:03:55:12:3d:57:de:38:
+ 93:8b:fa:83:92:56:7e:8f:48:ad:d6:7a:16:1a:80:55:ae:95:
+ 1b:ce:9b:1e:11:3d:b7:13:23:23:21:4f:f6:2f:fa:5b:c0:53:
+ e1:c4:9d:60:11:9c:01:19:e6:68:0c:19:f5:6b:14:e5:d5:d4:
+ ef:75:48:82:9c:72:dc:cc:5e:1b:41:27:09:ea:03:a9:17:4d:
+ 6d:0b:fa:b6:08:78:08:e1:09:78:a3:7c:d6:87:e2:25:9b:37:
+ d7:75:b5:19:22:68:72:a2:39:7d:8a:1f:ed:00:d4:7b:f6:7c:
+ 2e:a9:01:ba:df:f2:3b:3c:6c:27:88:6d:68:f1:f6:ea:7a:b6:
+ c7:98:06:09:fd:34:e3:1d:46:e5:da:70:a8:47:f2:1d:6c:6c:
+ 63:82:67:d9:05:56:15:e8:79:c0:25:64:26:6f:af:66:33:85:
+ 18:b6:fa:e6:fd:d2:b9:3b:a0:17:02:0b:04:3f:f7:1c:a5:f1:
+ f1:22:3b:00:ac:34:78:dc:22:68:79:2a:bb:29:8c:7c:e1:ba:
+ b5:48:eb:3b:0b:f2:19:c1:46:45:70:ab:c6:79:e7:9e:4b:ff:
+ 03:d9:c4:8f:8e:de:38:d3:96:a7:a4:6d:51:7d:98:86:08:ff:
+ be:cf:0f:08:c0:9e:ae:f4:be:1a:e5:4c:b8:60:9b:34:4d:34:
+ 40:fd:ab:69:73:07:59:9d:47:bd:1d:1f:95:0d:ed:79:65:b0:
+ d1:70:9b:c7:0c:2c:60:af:99:78:9b:98:6e:1e:1c:0d:17:93:
+ 08:f3:22:f6:03:cf:bc:e6:f2:21:b8:17:b1:a4:a8:f9:d9:a8:
+ 23:6e:dd:f2:f3:81:6f:ac:d2:b5:6a:86:c5:94:f0:de:ae:ea:
+ 2f:11:10:78:ee:0f:3b:39:4a:6b:f7:b6:82:38:34:95:45:64:
+ a0:6b:34:22:57:12:b4:77:47:5a:57:4a:d8:e8:c5:08:86:c7:
+ 22:21:e2:a8:c8:33:2e:d3:52:ef:b2:85:9d:eb:65:2a:7f:12:
+ e9:5f:c8:9a:b1:d2:ef:70:85:45:ee:43:4a:ac:c8:00:4c:d7:
+ 1c:88:7b:43:3a:2b:cf:ef:73:41:67:ef:62:a1:67:c2:e3:d6:
+ a7:3f:9b:02:12:3f:77:ea
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..9f59703
--- /dev/null
+++ b/main.go
@@ -0,0 +1,152 @@
+package main
+
+import (
+ "bytes"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/hex"
+ "fmt"
+ "log"
+ "net"
+ "sync"
+)
+
+const (
+ host = `ownme.ipredator.se` // 198.167.222.202
+ clientPort = `:10002`
+ serverPort = `:10000`
+)
+
+type Direction int
+
+const (
+ ServerClient Direction = iota
+ ClientServer
+)
+
+func (d Direction) String() string {
+ switch d {
+ case ServerClient:
+ return "Server → Client"
+ case ClientServer:
+ return "Client → Server"
+ }
+ return "unknown"
+}
+
+type Data struct {
+ Key rsa.PublicKey
+ Rnd []byte
+}
+
+var data = make(map[Direction]Data)
+
+func (dir Direction) sniffCert(b []byte) error {
+ if i := bytes.Index(b, []byte{0x30, 0x82, 0x04, 0x2f}); i > 0 {
+ cert := b[i : i+1075]
+ crt, err := x509.ParseCertificate(cert)
+ if err != nil {
+ return err
+ }
+ d := data[dir]
+ d.Key = *crt.PublicKey.(*rsa.PublicKey)
+ data[dir] = d
+ }
+ return nil
+}
+
+func (dir Direction)sniffRnd(b []byte) error {
+ rnd := b[0x0b:0x2b]
+ fmt.Println(dir, "rnd", len(rnd), "bytes")
+ d := data[dir]
+ d.Rnd = rnd
+ data[dir] = d
+ return nil
+}
+
+// Remove DHE_RSA Chifers in Client Hello
+// altering any value leads to Handshake Failure after Cert Verify ???
+func downgrade(b []byte) int {
+ fmt.Println("downgrade")
+ fmt.Println(hex.Dump(b))
+
+ //b[0x0a] -= 2 // TLS 1.0
+ b[0x04] -= 14 // handshake len
+ b[0x08] -= 14 // hello len
+ b[0x2d] -= 14 // cipher set len
+
+ copy(b[0x2e:], b[0x2e+14:]) // copy second half over first (7 non dhe ciphers)
+ //copy(b[0x2e+14:], b[0x2e+28:]) // preserve fist half (7 dhe ciphers)
+
+ return len(b)-14
+}
+
+var trydowngrade = false
+
+func swapciphers(b []byte) {
+ fmt.Println(hex.Dump(b))
+
+ cipher1 := b[0x2e:0x3c]
+ cipher2 := b[0x3c:0x4a]
+
+ buf := make([]byte, len(b))
+ copy(buf, b)
+ copy(buf[0x2e:], cipher2)
+ copy(buf[0x3c:], cipher1)
+ copy(b, buf)
+}
+
+func (dir Direction) sniff(src, dst net.Conn, wg *sync.WaitGroup) {
+ defer wg.Done()
+ buf := make([]byte, 4096) // 1452
+ k := 1
+ for {
+ n, err := src.Read(buf)
+ if err != nil {
+ dst.Close()
+ return
+ }
+
+ if k == 1 {
+ dir.sniffRnd(buf)
+ if trydowngrade && dir == ClientServer {
+ n = downgrade(buf[:n])
+ //swapciphers(buf[:n])
+ }
+ }
+
+ fmt.Println(k, dir, n, "bytes")
+ fmt.Println(hex.Dump(buf[:n]))
+ k++
+
+ dir.sniffCert(buf[:n])
+
+ _, err = dst.Write(buf[:n])
+ if err != nil {
+ log.Println(dir, err)
+ return
+ }
+ }
+}
+
+func main() {
+ var wg sync.WaitGroup
+
+ srv, err := net.Dial("tcp", host+serverPort)
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer srv.Close()
+
+ cnt, err := net.Dial("tcp", host+clientPort)
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer cnt.Close()
+
+ wg.Add(2)
+ go ServerClient.sniff(srv, cnt, &wg)
+ go ClientServer.sniff(cnt, srv, &wg)
+ wg.Wait()
+// fmt.Println(data)
+}
diff --git a/server.pem b/server.pem
new file mode 100644
index 0000000..2531cd9
--- /dev/null
+++ b/server.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIELzCCAhegAwIBAgIJAN6TseepmN9hMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
+BAMMEEJUQyBQacOxYXRhIFRlYW0wHhcNMTUwNzAzMTUyOTQzWhcNMTYwNzAyMTUy
+OTQzWjAZMRcwFQYDVQQDDA5QacOxYXRhIHNlcnZlcjCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALQ++LEG9WDF4Xa7henGmNVybNcaHgypdlm7laTEnCbW
+goRtj9O7/e4uDEy/uwt40X3fXM7FqwCaO9gOHqWEv+Oc58NdeSH4GF7uyoyLGCXz
+Ay5HpUiEPm7aQI9MVZ/i73clpLdQKCJM2w6ZoaLi5r+ggYvP7d16UjmrAWtFlAJ1
+cmWEn1QV+z3bL+Dyl7/YJWJSQkhuYD4mZ8NuxYbc9Eif/Q/GkiSCRUy5RGXd7hOM
+F0p38vWjn+D2qx4OqnktJ04qY4DxgCvBYMgNyK9djXmr3JR5mdRcRq9uIFoaLI8t
+7kFAocYdXlTz4iuw8CdLMoNTXHPfQF4DlcxEqfn1sI8CAwEAAaN4MHYwHwYDVR0j
+BBgwFoAUCf9luhNDd1xBUnWm9JPExQSAMwkwHQYDVR0OBBYEFKfX3gMw2FMe3MwG
+k/Ei0jNpwJsEMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB
+/wQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4ICAQB8+yx2B3NRqcF/U9w1
+rt3cT30sC3F+BFs2xHNvg21CJYCIM5Rs5VFlk/62zCPdusLA2ytZUDbMPyeZvQ/E
+z0fC0PT7GBrQQwgvJHt8Rcolc3IwcDmLefcYsQe9yVAMwhHSvuKUb3ranlP6LiAo
+GFoIJG7qt/qOgajAZkVBY8AjdjDBGNeFqm2T+5oMBsURTf5/8oMCF0cglaKF3uBJ
+sN+JtqXCh/LxkpNRyEj4hq1eyL1L624O8J57niQVJxnNMYbkgSf/Y0Icog0YGXPA
+/2K8VWTbgCjuyCO8TFD3BtWpQu2R0+4dQvUSzzSre/ydyzAxEBc7WFTuZebajYLM
+8/eM99bApaSeanFfRbwuVdFJxNLnwGyOGbuO2DYv1YXDOFIUmNw6nIv91re28AKw
+mhWAE7GOswfwiqYZU2XPrSozWvWzdI/tjW9xv/5RQC+miUU63/2Ixy1GJSPwiTVN
+hGY8qPjRU4d+rbTyN/GmjYaj6kMno3nK3SQw7qTAj3pQGIEmBVAp3lOSNnUJBGnF
+1BNO3APdli0QQ4Yf2oKd4vyFYoQYtqFXuB4DjZnqny9lYobeJ4k5V3p13WBn9HAo
+0ucekjBEFwVqO36SZv75nLBbIzwSFb6ZKGEsegdOYBzY2k32kSbyvLDdIYz10KX4
+w3ij5IM3dOErjXQZBvL9HBzbAQ==
+-----END CERTIFICATE-----
diff --git a/server.txt b/server.txt
new file mode 100644
index 0000000..b63f9e2
--- /dev/null
+++ b/server.txt
@@ -0,0 +1,76 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ de:93:b1:e7:a9:98:df:61
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=BTC Pi\xC3\xB1ata Team
+ Validity
+ Not Before: Jul 3 15:29:43 2015 GMT
+ Not After : Jul 2 15:29:43 2016 GMT
+ Subject: CN=Pi\xC3\xB1ata server
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:b4:3e:f8:b1:06:f5:60:c5:e1:76:bb:85:e9:c6:
+ 98:d5:72:6c:d7:1a:1e:0c:a9:76:59:bb:95:a4:c4:
+ 9c:26:d6:82:84:6d:8f:d3:bb:fd:ee:2e:0c:4c:bf:
+ bb:0b:78:d1:7d:df:5c:ce:c5:ab:00:9a:3b:d8:0e:
+ 1e:a5:84:bf:e3:9c:e7:c3:5d:79:21:f8:18:5e:ee:
+ ca:8c:8b:18:25:f3:03:2e:47:a5:48:84:3e:6e:da:
+ 40:8f:4c:55:9f:e2:ef:77:25:a4:b7:50:28:22:4c:
+ db:0e:99:a1:a2:e2:e6:bf:a0:81:8b:cf:ed:dd:7a:
+ 52:39:ab:01:6b:45:94:02:75:72:65:84:9f:54:15:
+ fb:3d:db:2f:e0:f2:97:bf:d8:25:62:52:42:48:6e:
+ 60:3e:26:67:c3:6e:c5:86:dc:f4:48:9f:fd:0f:c6:
+ 92:24:82:45:4c:b9:44:65:dd:ee:13:8c:17:4a:77:
+ f2:f5:a3:9f:e0:f6:ab:1e:0e:aa:79:2d:27:4e:2a:
+ 63:80:f1:80:2b:c1:60:c8:0d:c8:af:5d:8d:79:ab:
+ dc:94:79:99:d4:5c:46:af:6e:20:5a:1a:2c:8f:2d:
+ ee:41:40:a1:c6:1d:5e:54:f3:e2:2b:b0:f0:27:4b:
+ 32:83:53:5c:73:df:40:5e:03:95:cc:44:a9:f9:f5:
+ b0:8f
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ keyid:09:FF:65:BA:13:43:77:5C:41:52:75:A6:F4:93:C4:C5:04:80:33:09
+
+ X509v3 Subject Key Identifier:
+ A7:D7:DE:03:30:D8:53:1E:DC:CC:06:93:F1:22:D2:33:69:C0:9B:04
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment
+ X509v3 Extended Key Usage: critical
+ TLS Web Server Authentication
+ Signature Algorithm: sha256WithRSAEncryption
+ 7c:fb:2c:76:07:73:51:a9:c1:7f:53:dc:35:ae:dd:dc:4f:7d:
+ 2c:0b:71:7e:04:5b:36:c4:73:6f:83:6d:42:25:80:88:33:94:
+ 6c:e5:51:65:93:fe:b6:cc:23:dd:ba:c2:c0:db:2b:59:50:36:
+ cc:3f:27:99:bd:0f:c4:cf:47:c2:d0:f4:fb:18:1a:d0:43:08:
+ 2f:24:7b:7c:45:ca:25:73:72:30:70:39:8b:79:f7:18:b1:07:
+ bd:c9:50:0c:c2:11:d2:be:e2:94:6f:7a:da:9e:53:fa:2e:20:
+ 28:18:5a:08:24:6e:ea:b7:fa:8e:81:a8:c0:66:45:41:63:c0:
+ 23:76:30:c1:18:d7:85:aa:6d:93:fb:9a:0c:06:c5:11:4d:fe:
+ 7f:f2:83:02:17:47:20:95:a2:85:de:e0:49:b0:df:89:b6:a5:
+ c2:87:f2:f1:92:93:51:c8:48:f8:86:ad:5e:c8:bd:4b:eb:6e:
+ 0e:f0:9e:7b:9e:24:15:27:19:cd:31:86:e4:81:27:ff:63:42:
+ 1c:a2:0d:18:19:73:c0:ff:62:bc:55:64:db:80:28:ee:c8:23:
+ bc:4c:50:f7:06:d5:a9:42:ed:91:d3:ee:1d:42:f5:12:cf:34:
+ ab:7b:fc:9d:cb:30:31:10:17:3b:58:54:ee:65:e6:da:8d:82:
+ cc:f3:f7:8c:f7:d6:c0:a5:a4:9e:6a:71:5f:45:bc:2e:55:d1:
+ 49:c4:d2:e7:c0:6c:8e:19:bb:8e:d8:36:2f:d5:85:c3:38:52:
+ 14:98:dc:3a:9c:8b:fd:d6:b7:b6:f0:02:b0:9a:15:80:13:b1:
+ 8e:b3:07:f0:8a:a6:19:53:65:cf:ad:2a:33:5a:f5:b3:74:8f:
+ ed:8d:6f:71:bf:fe:51:40:2f:a6:89:45:3a:df:fd:88:c7:2d:
+ 46:25:23:f0:89:35:4d:84:66:3c:a8:f8:d1:53:87:7e:ad:b4:
+ f2:37:f1:a6:8d:86:a3:ea:43:27:a3:79:ca:dd:24:30:ee:a4:
+ c0:8f:7a:50:18:81:26:05:50:29:de:53:92:36:75:09:04:69:
+ c5:d4:13:4e:dc:03:dd:96:2d:10:43:86:1f:da:82:9d:e2:fc:
+ 85:62:84:18:b6:a1:57:b8:1e:03:8d:99:ea:9f:2f:65:62:86:
+ de:27:89:39:57:7a:75:dd:60:67:f4:70:28:d2:e7:1e:92:30:
+ 44:17:05:6a:3b:7e:92:66:fe:f9:9c:b0:5b:23:3c:12:15:be:
+ 99:28:61:2c:7a:07:4e:60:1c:d8:da:4d:f6:91:26:f2:bc:b0:
+ dd:21:8c:f5:d0:a5:f8:c3:78:a3:e4:83:37:74:e1:2b:8d:74:
+ 19:06:f2:fd:1c:1c:db:01