This shows you the differences between two versions of the page.

Link to this comparison view

ipsec_keys [2011/08/30 16:42]
ipsec_keys [2011/08/30 17:34] (current)
Line 1: Line 1:
 +====== Dumping Key Material ======
 +The femtocell uses the proprietary IPsec solution from [[http://www.xpressent.com/MobilityClientOEM.html|xpressent]].
 +It comprises the **ipsec** user-space program and the **xpressvpn.ko** kernel module.
 +**ipsec** is passing ISAKMP key material (isakmp_send) via a socket sendto(2) before it's passed to the kernel (PF_KEY2). We hijack this in order to get the keys.
 +We found out which message contained the keys by ptracing **ipsec** when used to connected to our [[ipsec_server|IPsec server]], where we would know the keys.
 +In the next step we wrote a small shared library to hook the sendto glibc wrapper functions in order
 +to grab the keys from the right message and send it over network so we can decrypt the traffic.
 +Currently we are looking for a specific packet length (500 bytes), which contains all the keys (with know offset).
 +It was the easiest way to implement for now.
 +We could also parse this properly and check if it's an SADB_ADD message.
 +===== install =====
 +  * get the {{:ipsec.tar.bz2|source}}
 +  * compile on armel using [[scratchbox]]
 +  gcc -shared -ldl -fPIC libipsec.c -o libipsec.so
 +  * copy binaries :
 +    * copy **images/ubiqfs/bin/ipsec** to **install/ubiqfs/bin/ipsec_new**
 +    * copy previously compiled **libipsec.so** to **install/ubiqfs/lib/libipsec.so**
 +  * create ipsec scripts
 +  tee install/ubiqfs/bin/ipsec << EOF
 +  #!/bin/sh
 +  export LD_PRELOAD="libipsec.so"
 +  ./ipsec_new
 +  EOF
 +  chmod +x install/ubiqfs/bin/ipsec
 +===== key material =====
 +  * **libipsec.so** will send the keys to, in form:
 +  spi(init): 939f6246, spi(resp): 86409e00, hmac(init): 57a593867d52a2c87a3c0c7fe0a3b63da2c3ab76, hmac(resp): 68077422d2086976cad9899d1c12fc34d3b43c5d, key(init): c9963796e951f4c70b210487256358a9, key(resp): 3d2c204f11dda5714dbc49c5ec05ad69
 +====== Decrypting Traffic ======
 +==== espdecrypt ====
 +[[http://www.cs.rpi.edu/~flemej/freebsd/espdecrypt/|espdecrypt]] (by [[mailto:jflemer@alum.rpi.edu|James Flemer]]) can decrypt ESP packet, but not the one from the femtocell because it uses aes-cbc.
 +With a small patch you can add aes-cbc support (based on openssl), however the tool seems a bit old and fragile.
 +Also the tool drops packets it can't decrypt rather than leaving them encrypted.
 +Hence, we are not going further into this. But in general this tool should work somehow.
 +==== wireshark/tshark ====
 +to decrypt the ESP traffic using wireshark/tshark (replace the corresponding keys) :
 +  wireshark -n -k -i eth1 \
 +  -o esp.enable_null_encryption_decode_heuristic:true \
 +  -o esp.enable_authentication_check:true \
 +  -o esp.enable_encryption_decode:true \
 +  -o "esp.sa_1:IPv4|*|*|0xf6f31b00" \
 +  -o "esp.encryption_algorithm_1:AES-CBC [RFC3602]" \
 +  -o "esp.encryption_key_1:0x5bcb0763901770bcc09f6409f56501a6" \
 +  -o "esp.authentication_algorithm_1:HMAC-SHA-1-96 [RFC2404]" \
 +  -o "esp.authentication_key_1:0x94c42e95f28ad366372f17a25f96ef7ae8375327" \
 +  -o "esp.sa_2:IPV4|*|*|0x939b2a0c" \
 +  -o "esp.encryption_algorithm_2:AES-CBC [RFC3602]" \
 +  -o "esp.encryption_key_2:0xd99f1d963eaee84c3c9745b5ed5c8c31" \
 +  -o "esp.authentication_algorithm_2:HMAC-SHA-1-96 [RFC2404]" \
 +  -o "esp.authentication_key_2:0x5297ee8e2eba0936c722611c0f721b63943d0546" \
 +  -f "not udp port 1338 and not tcp port 22"
 +It is only possible to view the decrypted packets, but not to save them.
 +==== Dumping Voice ====
 +Given this toolchain, one can e.g. dump sniffed voice calls.
 +The procedure for this is describe in [[voice-decoder]].
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki