Skip to content

Actions

Jump to bottom
ic0ns edited this page Sep 6, 2017 · 13 revisions

A WorkflowTrace as implemented in TLS-Attacker consists of multiple Actions. The following Actions are currently implemented in TLS-Attacker:

  • SendAction
  • ReceiveAction
  • GenericReceiveAction
  • RenegotiationAction
  • ResetConnectionAction
  • WaitingAction
  • ChangeCipherSuiteAction
  • ChangeClientRandomAction
  • ChangeCompressionAction
  • ChangeMasterSecretAction
  • ChangePreMasterSecretAction
  • ChangeProtocolVersionAction
  • ChangeServerRandomAction
  • DeactivateEncryptionAction

The Actions are described in more Detail below. Note: You can also define your own Actions and use them with TLS-Attacker

SendAction

The SendAction is one of the basic TLS-Attacker Actions. If it is executed it sends a List of predefined Messages/Records.

<SendAction>
    <messages>
        <ClientHello/>
    </messages>
    <records>
        <Record/>
    </records>
</SendAction>

With messages you can specify a list of Messages you want to send, and with records you can defined the records in which these messages should be send. By default, TLS-Attacker will add Records to your WorkflowTrace as needed and create them with the correct sizes. With the default Settings TLS-Attacker will add additional records as needed to your WorkflowTrace and ignore Records it did not need to send the defined Messages. You can edit this behavior in the Config. For more information on Records check the Record Chapter in the Wiki.

ReceiveAction

The ReceiveAction is another basic Action for a WorkflowTrace. With this Action you can order TLS-Attacker to receive Messages. The ReceiveAction consists of 3 Components:

  • messages: Contains the actual received Messages after this action was executed
  • records: Contains the actual received Records after this action was executed
  • expectedMessages: Contains a List of messages we Expect to receive.
<ReceiveAction>
    <messages/>
    <records/>
    <expectedMessages>
        <ServerHello/>
        <Certificate/>
        <ServerHelloDone/>
    </expectedMessages>
</ReceiveAction>

When using this Action you can optimize the WorkflowTrace by defining which Messages you expect to receive. TLS-Attacker can use this information to increase the performance of you WorkflowTrace. If you are not receiving the exact messages you defined in this Action TLS-Attacker will wait for a timeout to occur before continuing with the next Action (default 1s).

GenericReceive

The GenericReceive Action is a special form of the ReceiveAction. In this action you do not need to specify which messages you expect to receive and the timeout specified in the config will always be used.

<GenericReceive>
    <messages/>
    <records/>
</GenericReceive>

or

<GenericReceive/>
Clone this wiki locally