Skip to content

Logging

Jump to bottom
Robert Merget edited this page Sep 24, 2018 · 13 revisions

Per default, info logging is enabled in TLS-Attacker. You can turn off logging by starting the TLS-Attacker client with the following parameter:

-quiet

If you want full DEBUG output you can start TLS-Attacker with the debug flag:

-debug

TLS-Attacker also provides the ability to log all executed Workflows in a folder or file. You can access this feature with the client and server example application from commandline:

-workflow_output [folder/file]

or for all other applications by changing the workflowOutput value in the config file. For further references see check the Wiki page about the Config.

-config saveConfig.xml
<Config>
    <workflowOutput>someFolder/</workflowOutput>
</Config>

If you want more detailed control over the logging behavior of TLS-Attacker you can start TLS-Attacker with a log4j2.xml config:

java -Dlog4j.configurationFile=path/to/log4j2.xml -jar TLS-Client.jar -connect google.com

Your log4j configuration file may look like this:

<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN">
    <Appenders>
        <Console name="Console" target="SYSTEM_OUT">
            <PatternLayout pattern="%highlight{%d{HH:mm:ss}{GMT+0} [%t] %-5level: %c{1} - %msg%n%throwable}"/>
        </Console>
        <Console name="Info" target="SYSTEM_OUT">
	    <PatternLayout pattern="%highlight{%d{HH:mm:ss}{GMT+0} [%t] %-5level: %c{1}} - %msg%n%highlight{%throwable}"/>
        </Console>
        <Console name="Direct" target="SYSTEM_OUT">
            <PatternLayout pattern="%msg%n"/>
        </Console>
    </Appenders>
    <Loggers>
	<Logger name="DirectLOgger" level="ALL">
	    <AppenderRef ref="Direct"/>
	</Logger>
        <Logger name="de.rub.nds.tlsattacker.core.protocol.handler" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.protocol.message" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.protocol.parser" level="DEBUG"/>
        <Logger name="de.rub.nds.tlsattacker.core.protocol.preparator" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.protocol.serializer" level="DEBUG"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.cipher" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.compressor" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.crypto" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.layer" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.parser" level="DEBUG"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.preparator" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.record.serializer" level="DEBUG"/>
        <Logger name="de.rub.nds.tlsattacker.core.workflow" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.workflow.action" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.config" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.state" level="INFO"/>
        <Logger name="de.rub.nds.tlsattacker.core.constants" level="INFO"/>
        <Logger name="de.rub.nds.modifiablevariable" level="INFO"/>
        <Root level="INFO">
            <AppenderRef ref="Info"/>
        </Root>
    </Loggers>
</Configuration>

This example sets the parser logger and serializer logger to the DEBUG level, which shows you how TLS-Attacker parsed incoming messages and how its outgoing messages were assembled.

Clone this wiki locally