advanced code snippet search

Posted By

leira on 03/23/11


Tagged

stun ICE NAT


Versions (?)

STUN MESSAGE-INTEGRITY Verifier

 / Published in: Python
 

A simple script to verify the MESSAGE-INTEGRITY field of a STUN message. Also as a sample to calculate the MESSAGE-INTEGRITY field.

To use it, you need to select the STUN message part in Wireshark, copy the whole STUN message (no IP/UDP headers included) as Bytes (Hex Stream), then calls: ./msgintegirty.py passwd hexstream

Here is an example:

$ ./msg_integirty.py xa/ykWBKUukRHCxH8O1hkQbo 000100542112a442e4e8b0fd9c2294326 5a6f9fd0006000c617957763a653343660000000024000478ffffff802900080000000030333233 8054000431000000807000040000000200080014eb7db09217a9a9cdded592c200f3c372dd1c741 7802800048abb842c

The Integrity calculated is: eb7db09217a9a9cdded592c200f3c372dd1c7417 Integrity MATCH!

Expand | Embed | Plain Text 
  1. #!/usr/bin/env python
  2.  
  3. import hmac
  4. import hashlib
  5. import sys
  6.  
  7. def align_to_64(data):
  8. 	length = len(data)
  9. 	i = 64
  10. 	while i < length:
  11. 		i += 64
  12. 	return data + '\x00'*(i-length)
  13.  
  14. def cal_integ(passwd, stun_msg):
  15. 	msg_to_check = stun_msg[:-(24+8)]	# strip the MESSAGE-INTEGRITY and FINGERPRINT part
  16. 	dummy_msg = align_to_64(msg_to_check)
  17. 	integ = hmac.new(passwd, dummy_msg, hashlib.sha1)
  18. 	return integ
  19.  
  20. def match_stun_integrity(passwd, stun_msg):
  21. 	integ_in_msg = stun_msg[-28:-8]
  22. 	integ = cal_integ(passwd, stun_msg)
  23.  
  24. 	print "The Integrity calculated is:", integ.hexdigest()
  25. 	if integ_in_msg == integ.digest():
  26. 		print "Integrity MATCH!"
  27. 	else:
  28. 		print "Integrity DOES NOT MATH!!"
  29.  
  30. def hex_to_string(hex_stream):
  31. 	i = 0
  32. 	charlist = []
  33. 	while i < len(hex_stream):
  34. 		charlist.append(chr(eval('0x' + hex_stream[i:i+2])))
  35. 		i+=2
  36. 	return ''.join(charlist)
  37.  
  38.  
  39. def main(passwd, stun_hex_stream):
  40. 	stun_msg = hex_to_string(stun_hex_stream)
  41. 	match_stun_integrity(passwd, stun_msg)
  42.  
  43.  
  44. if __name__ == '__main__':
  45. 	if len(sys.argv) < 3:
  46. 		print "Usage: msg_integrity passwd stun_hex_stram"
  47. 	else:
  48. 		main(sys.argv[1], sys.argv[2])

Report this snippet  

You need to login to post a comment.