Are there any good tools for parsing IPSec ISAKMP handshake packets?

2018-10-05 23:24:08 +08:00
 feast
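First of all, this is not for getting around the firewall or anything like that. IPSec's configuration parameters are extremely complex. With strongswan and racoon on android and ubuntu, after modifying the ipsec.conf configuration many times, the host side still reports No proposal found. And with strongswan, after going to great lengths to enable VERBOSE logging, I found that the log output is basically unreadable binary data. I really don't want to spend a lot of time studying ipsec's complicated parameters. Is there any tool that can parse the ISAKMP SA packets of the INIT phase and show the encryption method, DH, authentication method and so on at a glance, ideally visual enough that the two sides can easily be configured to match? Never mind wireshark; the information it gives is also extremely limited.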
3802 views
Node: Programmers
31 replies
mason961125
2018-10-05 23:29:42 +08:00
As for logs... tail -f /var/log/auth.log will show them...
Seumi
2018-10-05 23:39:36 +08:00
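Just use wireshark. Set the log output to the highest level and search it for SKEYSEED; the seven keys are right below it. strongswan's logs contain very detailed information.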
feast
2018-10-05 23:41:44 +08:00
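@mason961125 Sorry, I seem to have already tried that approach; it just isn't visible in the log output. Juniper's official documentation says at least these things have to match each other, and they don't seem to be visible in the log.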

If phase 2 negotiation has been initiated, and you get the "Error = NO_PROPOSAL_CHOSEN" message, this indicates a mismatch in proposals between the two peers. The phase 2 proposal elements include the following:

Authentication algorithm (MD5, SHA1)
Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
Lifetime kilobytes (sometimes referred to as lifesize)
Lifetime seconds
Protocol (AH, ESP)
Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
If phase 2 fails to complete with an error in proposal, then confirm that remote peer has at least one proposal configured in which Authentication and Encryption algorithms, Protocol and Perfect Forward Secrecy (PFS) match at least one proposal on the local side. A common mis-configuration is PFS group key mismatch. Perhaps one side has PFS group key configured whereas the remote side may either not have PFS enabled or incorrect group key. Also, with some third-party non-Juniper devices, Lifetime in both kilobytes and/or seconds may also need to match.
feast
2018-10-05 23:43:12 +08:00
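@Seumi What is SKEYSEED? Also, I have already set the STRONGSWAN log level to 7 and it still doesn't help; the data that comes out doesn't show the parameters Juniper's documentation mentions.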
feast
2018-10-05 23:51:17 +08:00
```
Sep 16 22:28:10 05[MGR] checkout IKEv2 SA by message with SPIs 53be4aebeab9737c_i 0000000000000000_r
Sep 16 22:28:10 05[MGR] created IKE_SA (unnamed)[1]
Sep 16 22:28:10 05[NET] <1> received packet: from 119.77.23.12[500] to 172.21.241.94[500] (300 bytes)
Sep 16 22:28:10 05[ENC] <1> parsing body of message, first payload is SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> starting parsing a SECURITY_ASSOCIATION payload
Sep 16 22:28:10 05[ENC] <1> parsing SECURITY_ASSOCIATION payload, 272 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 272 bytes @ 0x7f1b18000bdc
Sep 16 22:28:10 05[ENC] <1> 0: 22 00 00 2C 00 00 00 28 01 01 00 04 03 00 00 08 "..,...(........
Sep 16 22:28:10 05[ENC] <1> 16: 01 00 00 03 03 00 00 08 03 00 00 02 03 00 00 08 ................
Sep 16 22:28:10 05[ENC] <1> 32: 02 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
Sep 16 22:28:10 05[ENC] <1> 48: 00 02 00 00 BD 44 15 33 19 42 FC 3E 48 26 C4 EE .....D.3.B.>H&..
Sep 16 22:28:10 05[ENC] <1> 64: 9E 03 ED F1 86 32 6F CB 18 56 8E E3 6E 59 2F 46 .....2o..V..nY/F
Sep 16 22:28:10 05[ENC] <1> 80: 7D 93 71 FF C1 8B AD 1E FA D4 4A 42 04 ED D0 67 }.q.......JB...g
Sep 16 22:28:10 05[ENC] <1> 96: 9F 51 55 F0 3B ED 25 E1 FC D0 82 46 84 39 E1 1A .QU.;.%....F.9..
Sep 16 22:28:10 05[ENC] <1> 112: 86 ED 85 57 96 B8 4F 08 F9 85 A8 30 D6 35 93 C7 ...W..O....0.5..
Sep 16 22:28:10 05[ENC] <1> 128: 27 61 21 2C 20 80 7D A0 8C 15 1A 32 10 1A BB A8 'a!, .}....2....
Sep 16 22:28:10 05[ENC] <1> 144: 7B 36 93 63 3B 05 A1 EC DD 36 27 6F E7 02 25 5E {6.c;....6'o..%^
Sep 16 22:28:10 05[ENC] <1> 160: E4 BC 3C CC 72 FB 33 11 44 7F 90 61 C2 82 2B EE ..<.r.3.D..a..+.
Sep 16 22:28:10 05[ENC] <1> 176: 37 4B 6B E1 29 00 00 24 51 0F C8 1E A1 9A B5 E3 7Kk.)..$Q.......
Sep 16 22:28:10 05[ENC] <1> 192: 41 12 8B E3 32 12 AD 58 A2 B4 E9 9E 3D 9E 3A D3 A...2..X....=.:.
Sep 16 22:28:10 05[ENC] <1> 208: B6 88 EE 59 78 C5 69 8A 29 00 00 1C 00 00 40 04 ...Yx.i.).....@.
Sep 16 22:28:10 05[ENC] <1> 224: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 240: 0C 52 8E 36 00 00 00 1C 00 00 40 05 AA E4 23 F4 .R.6......@...#.
Sep 16 22:28:10 05[ENC] <1> 256: 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D \#.L......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 34
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 44
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 (1258)

```
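As an added example (not part of the original thread and not strongSwan's own code): a short Python decoder for the SECURITY_ASSOCIATION bytes that strongSwan dumps in the log above, following the IKEv2 SA payload layout in RFC 7296 section 3.3. The function names and the abbreviated algorithm tables are assumptions made for this illustration.

```python
import re
import struct
# First three dump lines of the SECURITY_ASSOCIATION payload, copied from the log above.
LOG = r'''
Sep 16 22:28:10 05[ENC] <1> 0: 22 00 00 2C 00 00 00 28 01 01 00 04 03 00 00 08 "..,...(........
Sep 16 22:28:10 05[ENC] <1> 16: 01 00 00 03 03 00 00 08 03 00 00 02 03 00 00 08 ................
Sep 16 22:28:10 05[ENC] <1> 32: 02 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
'''
# Subset of the IANA IKEv2 transform registries (RFC 7296, section 3.3.2).
TYPES = {1: "ENCR", 2: "PRF", 3: "INTEG", 4: "DH", 5: "ESN"}
NAMES = {
    "ENCR": {2: "DES", 3: "3DES", 12: "AES_CBC", 20: "AES_GCM_16"},
    "PRF": {1: "HMAC_MD5", 2: "HMAC_SHA1", 5: "HMAC_SHA2_256"},
    "INTEG": {1: "HMAC_MD5_96", 2: "HMAC_SHA1_96", 12: "HMAC_SHA2_256_128"},
    "DH": {1: "MODP_768", 2: "MODP_1024", 5: "MODP_1536", 14: "MODP_2048"},
}

def dump_to_bytes(log):
    """Join the hex column of strongSwan 'offset: XX XX ...' dump lines."""
    return bytes.fromhex("".join(re.findall(r"\s\d+: ((?:[0-9A-F]{2} ){1,16})", log)))

def parse_sa(buf):
    """Decode an IKEv2 SA payload (RFC 7296, section 3.3) into proposals."""
    _next, _flags, sa_len = struct.unpack_from("!BBH", buf, 0)
    if sa_len < 4 or sa_len > len(buf):
        raise ValueError("truncated SA payload")
    proposals, off = [], 4
    while off < sa_len:
        _last, _, p_len, num, proto, spi_size, n_tf = struct.unpack_from("!BBHBBBB", buf, off)
        if p_len < 8 + spi_size or off + p_len > sa_len:
            raise ValueError("bad proposal length")
        t_off, transforms = off + 8 + spi_size, []
        for _ in range(n_tf):
            _more, _, t_len, t_type, _, t_id = struct.unpack_from("!BBHBBH", buf, t_off)
            if t_len < 8 or t_off + t_len > off + p_len:
                raise ValueError("bad transform length")
            kind = TYPES.get(t_type, f"type{t_type}")
            name = NAMES.get(kind, {}).get(t_id, f"id{t_id}")
            # Attribute 14 in TV form (0x800E) carries the key length in bits.
            if t_len >= 12 and buf[t_off + 8:t_off + 10] == b"\x80\x0e":
                name += "_%d" % struct.unpack_from("!H", buf, t_off + 10)[0]
            transforms.append((kind, name))
            t_off += t_len
        proposals.append({"num": num, "protocol": proto, "transforms": transforms})
        off += p_len
    return proposals

if __name__ == "__main__":
    print(parse_sa(dump_to_bytes(LOG)))
```

On the three dump lines from the log it returns a single proposal for protocol 1 (IKE): ENCR 3DES, INTEG HMAC_SHA1_96, PRF HMAC_SHA1 and DH MODP_1024.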
mason961125
2018-10-05 23:53:28 +08:00
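@feast I have a suggestion: you could look through the StrongSwan wiki for an example that fits your needs. Generally you can find one, and they also include the logs from after the configuration is complete.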
Seumi
2018-10-05 23:54:21 +08:00
Seumi
2018-10-05 23:55:01 +08:00
feast
2018-10-05 23:56:25 +08:00
@Seumi
```
Sep 16 22:28:10 05[ENC] <1> 0: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 16: 0C 52 8E 36 .R.6
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> starting parsing a NOTIFY payload
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload, 28 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 28 bytes @ 0x7f1b18000cd0
Sep 16 22:28:10 05[ENC] <1> 0: 00 00 00 1C 00 00 40 05 AA E4 23 F4 5C 23 FF 4C ......@...#.\#.L
Sep 16 22:28:10 05[ENC] <1> 16: 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D ......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 28
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 11 SPI_SIZE
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 12 U_INT_16
Sep 16 22:28:10 05[ENC] <1> => 16389
Sep 16 22:28:10 05[ENC] <1> parsing rule 13 SPI
Sep 16 22:28:10 05[ENC] <1> => 0 bytes @ (nil)
Sep 16 22:28:10 05[ENC] <1> parsing rule 14 CHUNK_DATA
Sep 16 22:28:10 05[ENC] <1> => 20 bytes @ 0x7f1b100023c0
Sep 16 22:28:10 05[ENC] <1> 0: AA E4 23 F4 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D ..#.\#.L......q}
Sep 16 22:28:10 05[ENC] <1> 16: AB 0F 6C 3D ..l=
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> process payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> process payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> process payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> verifying message structure
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> found payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> found payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Sep 16 22:28:10 05[CFG] <1> looking for an ike config for 172.21.241.94...220.166.51.91
Sep 16 22:28:10 05[IKE] <1> no IKE config found for 172.21.241.94...220.166.51.91, sending NO_PROPOSAL_CHOSEN
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> order payloads in message
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
Sep 16 22:28:10 05[ENC] <1> not encrypting payloads
```

This is detailed enough, right? But I still can't tell what encryption, what HASH and what PFS mode the client is actually using.
feast
2018-10-05 23:59:37 +08:00
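@Seumi Thanks a lot for the helpful reply, but what you are addressing is decrypting ESP packets in the traffic phase, whereas what I mean is getting the configuration information from the AH packets in the ISAKMP phase. AH packets are not encrypted; they are used for the handshake.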
feast
2018-10-06 00:00:37 +08:00
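@mason961125 If the client could be configured, I wouldn't be going to all this trouble looking for a tool. The problem is that I don't know what mode the client uses, so I can only keep changing the server configuration to probe.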
Seumi
2018-10-06 00:01:10 +08:00
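Aren't the two messages of the IKE_SA_INIT phase plaintext? You can see the cipher suite negotiation result there, and normally the log shows the negotiation process.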
Seumi
2018-10-06 00:02:42 +08:00
No, it is the IKE_SA_INIT and IKE_AUTH handshake phases; the ESP phase comes after.
feast
2018-10-06 00:05:32 +08:00
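@Seumi Look at the log I posted: in the negotiation phase the sw log doesn't show at all what encryption the client is requesting; it just reports no IKE config found, which is really frustrating.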
feast
2018-10-06 00:09:28 +08:00
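My thinking is that, since this is a handshake, the ISAKMP packet the client sends to the server must include the items Juniper's documentation lists: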
Authentication algorithm (MD5, SHA1)
Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
Lifetime kilobytes (sometimes referred to as lifesize)
Lifetime seconds
Protocol (AH, ESP)
Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
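These are the kinds of information I mean. What tool can parse them out? So far I haven't seen any tool like that. My feeling is that most IPSec setups online for getting around the firewall are just copied configs plus luck, with no attention to what the parameters actually mean.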

@Seumi
Seumi
2018-10-06 00:16:59 +08:00
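Wireshark will do. The IKE handshake has two phases. The two messages of the first phase, IKE_SA_INIT, are plaintext and contain the cipher suites you mentioned; the IKE_AUTH phase that follows is then encrypted with the methods negotiated above. Capture the first two messages with wireshark and you can see the cipher suite negotiation structure.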
Seumi
2018-10-06 00:23:36 +08:00
feast
2018-10-06 00:24:03 +08:00
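@Seumi Then could different AUTH MODEs on the two ends at this stage cause the NO PROPOSAL error above? For example, one end uses an unknown OEM-modified psk encryption and the other end uses psk. I feel that strongswan's IKE config check looks at more than just those cipher suite elements. Have you looked into this in any depth?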
Seumi
2018-10-06 00:26:42 +08:00


The negotiation process in the log looks roughly like this
zhaoxiting1997
2018-10-06 00:29:47 +08:00
Try the strongswan android client; its log may have some useful information, such as which encryption methods the server accepts.


https://www.v2ex.com/t/495107
