Posted By

leira on 03/23/11


Tagged

stun ICE NAT


Versions (?)

STUN MESSAGE-INTEGRITY Verifier


 / Published in: Python
 

A simple script to verify the MESSAGE-INTEGRITY field of a STUN message. Also as a sample to calculate the MESSAGE-INTEGRITY field.

To use it, you need to select the STUN message part in Wireshark, copy the whole STUN message (no IP/UDP headers included) as Bytes (Hex Stream), then calls: ./msgintegirty.py passwd hexstream

Here is an example:

$ ./msg_integirty.py xa/ykWBKUukRHCxH8O1hkQbo 000100542112a442e4e8b0fd9c2294326 5a6f9fd0006000c617957763a653343660000000024000478ffffff802900080000000030333233 8054000431000000807000040000000200080014eb7db09217a9a9cdded592c200f3c372dd1c741 7802800048abb842c

The Integrity calculated is: eb7db09217a9a9cdded592c200f3c372dd1c7417 Integrity MATCH!

  1. #!/usr/bin/env python
  2.  
  3. import hmac
  4. import hashlib
  5. import sys
  6.  
  7. def align_to_64(data):
  8. length = len(data)
  9. i = 64
  10. while i < length:
  11. i += 64
  12. return data + '\x00'*(i-length)
  13.  
  14. def cal_integ(passwd, stun_msg):
  15. msg_to_check = stun_msg[:-(24+8)] # strip the MESSAGE-INTEGRITY and FINGERPRINT part
  16. dummy_msg = align_to_64(msg_to_check)
  17. integ = hmac.new(passwd, dummy_msg, hashlib.sha1)
  18. return integ
  19.  
  20. def match_stun_integrity(passwd, stun_msg):
  21. integ_in_msg = stun_msg[-28:-8]
  22. integ = cal_integ(passwd, stun_msg)
  23.  
  24. print "The Integrity calculated is:", integ.hexdigest()
  25. if integ_in_msg == integ.digest():
  26. print "Integrity MATCH!"
  27. else:
  28. print "Integrity DOES NOT MATH!!"
  29.  
  30. def hex_to_string(hex_stream):
  31. i = 0
  32. charlist = []
  33. while i < len(hex_stream):
  34. charlist.append(chr(eval('0x' + hex_stream[i:i+2])))
  35. i+=2
  36. return ''.join(charlist)
  37.  
  38.  
  39. def main(passwd, stun_hex_stream):
  40. stun_msg = hex_to_string(stun_hex_stream)
  41. match_stun_integrity(passwd, stun_msg)
  42.  
  43.  
  44. if __name__ == '__main__':
  45. if len(sys.argv) < 3:
  46. print "Usage: msg_integrity passwd stun_hex_stram"
  47. else:
  48. main(sys.argv[1], sys.argv[2])

Report this snippet  

You need to login to post a comment.