V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
• 请不要在回答技术问题时复制粘贴 AI 生成的内容
feast
V2EX  ›  程序员

有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包

  •  
  •   feast · 2018-10-05 23:24:08 +08:00 · 3830 次点击
    这是一个创建于 2270 天前的主题,其中的信息可能已经有所发展或是发生改变。
    首先说不是用来富强一类的,IPSec 这东西配置参数极为复杂,android 和 ubuntu 上的 strongswan 和 racoon 经过多次修改 ipsec.conf 配置,主机侧依然提示 No proposal found, 并且 strongswan 这货费尽周折开启 VERBOSE log 后发现 log 输出的内容基本也是无可读性的的 Binary 数据,实在不想花大笔时间去研究 ipsec 那复杂的参数了,有没有什么工具能够解析 INIT 阶段的 ISAKMP SA 数据包的,直观展示一下加密方式,DH,认证方式等等,尽量做到可视化直接方便配成一致,wireshark 就不用说了,那货给的信息也极为有限
    31 条回复    2018-10-07 09:03:55 +08:00
    mason961125
        1
    mason961125  
       2018-10-05 23:29:42 +08:00
    日志的话...tail -f /var/log/auth.log 就能看到了...
    Seumi
        2
    Seumi  
       2018-10-05 23:39:36 +08:00 via Android
    就用 wireshark 就行。日志输出选最高级别,在里面搜索 SKEYSEED,下面就是七个密钥。strongswan 的日志包含的内容非常详细
    feast
        3
    feast  
    OP
       2018-10-05 23:41:44 +08:00
    @mason961125 很抱歉你这办法我似乎已经用过了,输出的日志就是看不到,Juniper 官方说至少要这些东西互相匹配才行,日志里似乎是看不到的

    If phase 2 negotiation has been initiated, and you get the "Error = NO_PROPOSAL_CHOSEN" message, this indicates a mismatch in proposals between the two peers. The phase 2 proposal elements include the following:

    Authentication algorithm (MD5, SHA1)
    Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
    Lifetime kilobytes (sometimes referred to as lifesize)
    Lifetime seconds
    Protocol (AH, ESP)
    Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
    If phase 2 fails to complete with an error in proposal, then confirm that remote peer has at least one proposal configured in which Authentication and Encryption algorithms, Protocol and Perfect Forward Secrecy (PFS) match at least one proposal on the local side. A common mis-configuration is PFS group key mismatch. Perhaps one side has PFS group key configured whereas the remote side may either not have PFS enabled or incorrect group key. Also, with some third-party non-Juniper devices, Lifetime in both kilobytes and/or seconds may also need to match.
    feast
        4
    feast  
    OP
       2018-10-05 23:43:12 +08:00
    @Seumi SKYSEED 是什么,另外我已经把 STRONGSWAN 的日志级别调成 7 了依然没用,出来的数据看不到 JUNIPER 官方说的那几种参数
    feast
        5
    feast  
    OP
       2018-10-05 23:51:17 +08:00
    ```
    Sep 16 22:28:10 05[MGR] checkout IKEv2 SA by message with SPIs 53be4aebeab9737c_i 0000000000000000_r
    Sep 16 22:28:10 05[MGR] created IKE_SA (unnamed)[1]
    Sep 16 22:28:10 05[NET] <1> received packet: from 119.77.23.12[500] to 172.21.241.94[500] (300 bytes)
    Sep 16 22:28:10 05[ENC] <1> parsing body of message, first payload is SECURITY_ASSOCIATION
    Sep 16 22:28:10 05[ENC] <1> starting parsing a SECURITY_ASSOCIATION payload
    Sep 16 22:28:10 05[ENC] <1> parsing SECURITY_ASSOCIATION payload, 272 bytes left
    Sep 16 22:28:10 05[ENC] <1> parsing payload from => 272 bytes @ 0x7f1b18000bdc
    Sep 16 22:28:10 05[ENC] <1> 0: 22 00 00 2C 00 00 00 28 01 01 00 04 03 00 00 08 "..,...(........
    Sep 16 22:28:10 05[ENC] <1> 16: 01 00 00 03 03 00 00 08 03 00 00 02 03 00 00 08 ................
    Sep 16 22:28:10 05[ENC] <1> 32: 02 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
    Sep 16 22:28:10 05[ENC] <1> 48: 00 02 00 00 BD 44 15 33 19 42 FC 3E 48 26 C4 EE .....D.3.B.>H&..
    Sep 16 22:28:10 05[ENC] <1> 64: 9E 03 ED F1 86 32 6F CB 18 56 8E E3 6E 59 2F 46 .....2o..V..nY/F
    Sep 16 22:28:10 05[ENC] <1> 80: 7D 93 71 FF C1 8B AD 1E FA D4 4A 42 04 ED D0 67 }.q.......JB...g
    Sep 16 22:28:10 05[ENC] <1> 96: 9F 51 55 F0 3B ED 25 E1 FC D0 82 46 84 39 E1 1A .QU.;.%....F.9..
    Sep 16 22:28:10 05[ENC] <1> 112: 86 ED 85 57 96 B8 4F 08 F9 85 A8 30 D6 35 93 C7 ...W..O....0.5..
    Sep 16 22:28:10 05[ENC] <1> 128: 27 61 21 2C 20 80 7D A0 8C 15 1A 32 10 1A BB A8 'a!, .}....2....
    Sep 16 22:28:10 05[ENC] <1> 144: 7B 36 93 63 3B 05 A1 EC DD 36 27 6F E7 02 25 5E {6.c;....6'o..%^
    Sep 16 22:28:10 05[ENC] <1> 160: E4 BC 3C CC 72 FB 33 11 44 7F 90 61 C2 82 2B EE ..<.r.3.D..a..+.
    Sep 16 22:28:10 05[ENC] <1> 176: 37 4B 6B E1 29 00 00 24 51 0F C8 1E A1 9A B5 E3 7Kk.)..$Q.......
    Sep 16 22:28:10 05[ENC] <1> 192: 41 12 8B E3 32 12 AD 58 A2 B4 E9 9E 3D 9E 3A D3 A...2..X....=.:.
    Sep 16 22:28:10 05[ENC] <1> 208: B6 88 EE 59 78 C5 69 8A 29 00 00 1C 00 00 40 04 ...Yx.i.).....@.
    Sep 16 22:28:10 05[ENC] <1> 224: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
    Sep 16 22:28:10 05[ENC] <1> 240: 0C 52 8E 36 00 00 00 1C 00 00 40 05 AA E4 23 F4 .R.6......@...#.
    Sep 16 22:28:10 05[ENC] <1> 256: 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D \#.L......q}..l=
    Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
    Sep 16 22:28:10 05[ENC] <1> => 34
    Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
    Sep 16 22:28:10 05[ENC] <1> => 44
    Sep 16 22:28:10 05[ENC] <1> parsing rule 10 (1258)

    ```
    mason961125
        6
    mason961125  
       2018-10-05 23:53:28 +08:00
    @feast 我有个建议,你可以去 StrongSwan 的 Wiki 里找找有没有适合你需求的例子,一般来说都能找得到,而且也有配置完成后的日志。
    Seumi
        7
    Seumi  
       2018-10-05 23:54:21 +08:00 via Android
    Seumi
        8
    Seumi  
       2018-10-05 23:55:01 +08:00 via Android
    feast
        9
    feast  
    OP
       2018-10-05 23:56:25 +08:00
    @Seumi
    Sep 16 22:28:10 05[ENC] <1> 0: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
    Sep 16 22:28:10 05[ENC] <1> 16: 0C 52 8E 36 .R.6
    Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
    Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
    Sep 16 22:28:10 05[ENC] <1> starting parsing a NOTIFY payload
    Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload, 28 bytes left
    Sep 16 22:28:10 05[ENC] <1> parsing payload from => 28 bytes @ 0x7f1b18000cd0
    Sep 16 22:28:10 05[ENC] <1> 0: 00 00 00 1C 00 00 40 05 AA E4 23 F4 5C 23 FF 4C ......@...#.\#.L
    Sep 16 22:28:10 05[ENC] <1> 16: 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D ......q}..l=
    Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
    Sep 16 22:28:10 05[ENC] <1> => 28
    Sep 16 22:28:10 05[ENC] <1> parsing rule 10 U_INT_8
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 11 SPI_SIZE
    Sep 16 22:28:10 05[ENC] <1> => 0
    Sep 16 22:28:10 05[ENC] <1> parsing rule 12 U_INT_16
    Sep 16 22:28:10 05[ENC] <1> => 16389
    Sep 16 22:28:10 05[ENC] <1> parsing rule 13 SPI
    Sep 16 22:28:10 05[ENC] <1> => 0 bytes @ (nil)
    Sep 16 22:28:10 05[ENC] <1> parsing rule 14 CHUNK_DATA
    Sep 16 22:28:10 05[ENC] <1> => 20 bytes @ 0x7f1b100023c0
    Sep 16 22:28:10 05[ENC] <1> 0: AA E4 23 F4 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D ..#.\#.L......q}
    Sep 16 22:28:10 05[ENC] <1> 16: AB 0F 6C 3D ..l=
    Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
    Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
    Sep 16 22:28:10 05[ENC] <1> process payload of type SECURITY_ASSOCIATION
    Sep 16 22:28:10 05[ENC] <1> process payload of type KEY_EXCHANGE
    Sep 16 22:28:10 05[ENC] <1> process payload of type NONCE
    Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> verifying message structure
    Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
    Sep 16 22:28:10 05[ENC] <1> found payload of type SECURITY_ASSOCIATION
    Sep 16 22:28:10 05[ENC] <1> found payload of type KEY_EXCHANGE
    Sep 16 22:28:10 05[ENC] <1> found payload of type NONCE
    Sep 16 22:28:10 05[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
    Sep 16 22:28:10 05[CFG] <1> looking for an ike config for 172.21.241.94...220.166.51.91
    Sep 16 22:28:10 05[IKE] <1> no IKE config found for 172.21.241.94...220.166.51.91, sending NO_PROPOSAL_CHOSEN
    Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
    Sep 16 22:28:10 05[ENC] <1> order payloads in message
    Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
    Sep 16 22:28:10 05[ENC] <1> generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
    Sep 16 22:28:10 05[ENC] <1> not encrypting payloads

    这种已经够详细了吧,但是还是看不出客户端到底用的什么加密,什么 HASH 和什么 FPS 模式
    feast
        10
    feast  
    OP
       2018-10-05 23:59:37 +08:00
    @Seumi 老兄非常感谢你的热心回复,但是你针对的是 traffic 阶段的 ESP 封包解密,但是我的意思是获取 ISKAMP 阶段 AH 封包的配置信息,AH 包是不加密的,是用来握手的
    feast
        11
    feast  
    OP
       2018-10-06 00:00:37 +08:00   ❤️ 1
    @mason961125 如果客户端能配我也不会大费周章找工具了,就是不知道客户端用的什么模式,只能不断改服务端配置来试探
    Seumi
        12
    Seumi  
       2018-10-06 00:01:10 +08:00 via Android
    IKE_SA_INIT 阶段的两条报文不是明文吗,可以看加密套件的协商结果,而且正常的话,日志里会显示协商过程
    Seumi
        13
    Seumi  
       2018-10-06 00:02:42 +08:00 via Android
    不是啊,就是 IKE_SA_INIT 和 IKE_AUTH 握手阶段,后面是 ESP 阶段
    feast
        14
    feast  
    OP
       2018-10-06 00:05:32 +08:00
    @Seumi 你看我发的日志,sw 的日志协商阶段根本看不出客户端请求的什么加密方式,直接就提示一个 no IKE config found,这种让人很郁闷呐
    feast
        15
    feast  
    OP
       2018-10-06 00:09:28 +08:00
    我的想法是,既然是握手,客户端发送给服务器的 ISAKMP 包一定会包括 JUNIPER 官方说的
    Authentication algorithm (MD5, SHA1)
    Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
    Lifetime kilobytes (sometimes referred to as lifesize)
    Lifetime seconds
    Protocol (AH, ESP)
    Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
    这几类信息,这几类信息用什么工具才能解析出来呢?我是目前没看到有任何类似的工具,IPSec 我感觉网上大部分富强的也就是抄配置+撞运气,压根没管参数的真正意义

    @Seumi
    Seumi
        16
    Seumi  
       2018-10-06 00:16:59 +08:00 via Android
    用 wireshark 就可以,IKE 握手有两个阶段,第一个阶段 IKE_SA_INIT 的两条报文是明文,就包含你说的这几个加密套件,然后紧接着的 IKE_AUTH 阶段就会用上面协商的方法加密。你用 wireshark 抓到前两条报文,就能看到加密套件协商结构体
    Seumi
        17
    Seumi  
       2018-10-06 00:23:36 +08:00
    feast
        18
    feast  
    OP
       2018-10-06 00:24:03 +08:00 via Android
    @Seumi 那这个阶段两端的 AUTH MODE 不同会不会导致出现上面的 NO PROPOSAL 错误呢,比如一端是未知的 oem 过的 psk 加密,一段是 psk 我感觉那个 IKE config strongswan 应该不仅仅判断了那几个加密套件要素,这方面兄台是否有所深入了解过?
    Seumi
        19
    Seumi  
       2018-10-06 00:26:42 +08:00


    日志里的协商过程大概是这样的
    zhaoxiting1997
        20
    zhaoxiting1997  
       2018-10-06 00:29:47 +08:00 via Android
    试试 strongswan android 端,日志里可能有些有用的信息,服务器接受什么加密方式之类的
    Seumi
        21
    Seumi  
       2018-10-06 00:29:55 +08:00
    https://github.com/quericy/one-key-ikev2-vpn
    你试试这个,基于 strongswan 的一键配置
    feast
        22
    feast  
    OP
       2018-10-06 00:29:59 +08:00 via Android
    @Seumi 我感觉我还是没把日志调到最高,你这个日志是使用 strongswan 什么版本搭配各种命令行开启这种 verbose log 的
    feast
        23
    feast  
    OP
       2018-10-06 00:30:32 +08:00 via Android
    @zhaoxiting1997 那个的确挺丰富,但是那只是客户端好像
    feast
        24
    feast  
    OP
       2018-10-06 00:32:11 +08:00 via Android
    @Seumi 这个我很早就用过了,之前研究 IKEV2 的时候,这个脚本算是兼容性比较好的,但是我手上的终端并非一般意义上的标准 android 终端
    Seumi
        25
    Seumi  
       2018-10-06 00:36:56 +08:00
    The IKE daemon knows different numerical levels of logging, ranging from -1 to 4:

    -1: Absolutely silent
    0: Very basic auditing logs, (e.g. SA up/SA down)
    1: Generic control flow with errors, a good default to see whats going on
    2: More detailed debugging control flow
    3: Including RAW data dumps in hex
    4: Also include sensitive material in dumps, e.g. keys

    输出级别最高就是 4 了
    feast
        26
    feast  
    OP
       2018-10-06 00:40:14 +08:00 via Android
    @Seumi 我上面的 log 就是 4 级输出,然而没用
    Seumi
        27
    Seumi  
       2018-10-06 00:48:47 +08:00


    不解密可以看到 SA 负载里的内容的啊
    feast
        28
    feast  
    OP
       2018-10-06 00:53:50 +08:00 via Android
    @Seumi 我已经看到了 proposal 里的内容了,明日我再修改服务器配置看一下,谢谢老兄了,SA_INIT 阶段是否会验证 AUTH 方法?目前看起来是 SA 建立后才进行 AUTH 协商的吧
    ladeo
        29
    ladeo  
       2018-10-06 07:45:40 +08:00 via Android
    1.racoon 就别用了太老了
    2.你应该补一下最基本的 ipsec 概念,ike v1,ike v2,main mode,aggresive mode 的握手都不一样。
    3.ipsec 最主要的就是 2 端匹配,匹配了肯定能起来
    4.strongswan 和 juniper 是能连的,我自己就在用
    5.换个运营商的线路看看,有时是背墙了
    6.NAT 问题,NAT 次数太多。或者 n 没有开 NAT-T
    cwbsw
        30
    cwbsw  
       2018-10-06 09:21:31 +08:00
    IPSec 配置还好吧,简单的场景还是蛮简单的,严格照着 Strongswan 官网 wiki 上的来就可以了。我在 OpenWrt 路由器上配置了 IPSec 网关,iOS、Android、Windows 都没问题。
    zxq2233
        31
    zxq2233  
       2018-10-07 09:03:55 +08:00
    您好,我是苏州思杰马克丁的法务专员,本内容有侵犯我司软件著作权之嫌,故烦请贴主将本文删除,谢谢!
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   3953 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 29ms · UTC 05:11 · PVG 13:11 · LAX 21:11 · JFK 00:11
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.