DIT is a DTLS MitM proxy implemented in Python 3. It can intercept, manipulate and suppress datagrams between two DTLS endpoints and supports psk-based and certificate-based authentication schemes (RSA + ECC).

Overview

DIT - DTLS Interception Tool

DIT is a MitM proxy tool to intercept DTLS traffic.

It can intercept, manipulate and/or suppress DTLS datagrams between two DTLS endpoints. To achieve this, the machine DIT is running on has to be put in a MitM position with tools like arpspoof. DIT has been built with Python 3.8, utilizes scapy and python-mbedtls to process datagrams and supports a wide variety of cipher suites. It can handle PSK-based and certificate-based (RSA + ECC) authentication schemes and has been built and tested on Debian-based Linux operating systems like Ubuntu or Kali Linux.

DIT has been built to analyze traffic between IoT devices but can intercept any DTLS traffic in a local network. It has been tested and evaluated with OpenSSL and devices from the IKEA TRÅDFRI and Philips Hue series. DIT can print the decrypted datagram payload to stdout or write it into a logfile. The tool can be configured via CLI arguments or via a configuration file (./config/dit_config.yaml).

1. Installation

DIT works with raw sockets and needs to run with root privileges. You can install DIT by simply cloning the repository and installing the dependencies listed in requirements.txt with elevated privileges.

git clone https://github.com/CountablyInfinite/dit
pip3 install -r requirements.txt

2. Getting started

2.1 Verifying the installation

After cloning and installing the dependencies you can run the following command with elevated privileges to see if DIT has been installed successfully:

./dit.py -h
**************************
*   ___    ___   _____   *
*  |   \  |_ _| |_   _|  *
*  | |) |  | |    | |    *
*  |___/  |___|   |_|    *
*                        *
* DTLS INTERCEPTION TOOL *
*                        *
**************************

usage: ./dit.py [optional arguments] start

check configuration stored in ./config/dit_config.yaml before running DIT. 
edit the file or use optional command line arguments to override the default configuration. 
DIT needs root privileges and custom iptable rules to work properly.

run DIT:
  start                 run DIT with the current settings (args override config file settings)

target configuration:
  -isi , --iot_srv_ip   iot server ip address (listening service) to be intercepted (config file: 192.168.183.129)
  -isp , --iot_srv_po   iot server port to be intercepted. (config file: 1337)
  -ici , --iot_cli_ip   iot client ip address to be intercepted. (config file: 192.168.183.128)

interface configuration:
  -eif , --ex_if_name   external interface name (e.g. "eth0") to listen for incoming connections. (config file: ens33)
  -lif , --lh_if_name   local interface name (e.g. "lo") to communicate with local services. (config file: lo)

psk configuration:
  -cid , --cli_id       client identity to configure server and client handler with. (config file: Client_identity)
  -psk , --pre_sh_key   pre-shared key to configure server and client handler with. (config file: DIT_secret)
  --ciphers  [ ...]     list of ciphers to use, separated by spaces. (config file: None)

certificate configuration:
  -cer, --use_cert      [FLAG] use certificates as a method of authentication (instead of a psk). (config file: False)
  -ks , --key_size      length of the RSA/ECC key in bits. (config file: 2048)
  -ecc, --use_ecc       [FLAG] use 521 bit ECC instead of RSA to generate a key pair. disables --key_size. (config file: False)

local services configuration:
  -lci , --lh_cli_ip    local ip address to start a client handler (DTLS server) on. (config file: 127.0.0.1)
  -lcp , --lh_cli_po    local port to start a client handler (DTLS server listener) on. (config file: 1338)
  -lsi , --lh_srv_ip    local ip address to connect a server handler (DTLS client) to. (config file: 127.0.0.1)
  -lsp , --lh_srv_po    local port to connect a server handler (DTLS client) to. (config file: 1339)

miscellaneous:
  -ibl, --icmp_block    [FLAG] automatically create an iptables rule to suppress icmp 'destination unreachable' messages
  -o , --output_file    append intercepted unencrypted messages to an output file
  -v, --verbose         [FLAG] increase verbosity to DEBUG level
  -h, --help            [FLAG] show this help text and exit

examples:
./dit.py -isi 192.168.0.1 -isp 1337 -ici 192.168.0.2 --ciphers TLS-PSK-WITH-AES-128-CCM-8 TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 -psk DIT_secret start
./dit.py --iot_srv_ip 192.168.0.1 --iot_cli_ip 192.168.0.2 --use_cert --key_size 3072 --ciphers TLS-RSA-WITH-AES-128-GCM-SHA256 --verbose start
./dit.py -isi 192.168.0.1 -ici 192.168.0.2 --use_cert -ecc --output_file logfile.log --verbose start

this tool has been created for the purposes of academic research. 
use responsibly and only when explicitly authorized.

2.2 Prerequisite

2.2.1 Elevated privileges

DIT uses raw sockets and therefore needs to run with elevated (root) privileges.

2.2.2 iptables rule

DIT builds four proxy layers with scapy that are communicating between the external interface and the DTLS services running on localhost. To suppress upcoming "Destination unreachable" errors - that cause DIT to halt with an error - a custom iptables rule is necessary. You can generate it with the following command:

iptables -I OUTPUT -d localhost-ip -p icmp --icmp-type destination-unreachable -j DROP

The iptable rules can be set/unset automatically by using the --icmp_block argument when starting DIT.

./dit.py --icmp_block start

2.2.3 MitM position

For DIT to work it has to be run from a MitM position. A MitM position can be achieved in many ways, one of them is by using the tool arpspoof (part of the dsniff tool suite). To gain a MitM position in a local network between the clients 192.168.0.1 and 192.168.0.2 you can use the following command:

arpspoof -i ens33 -t 192.168.0.1 -r 192.168.0.2

2.3 Configuring DIT

DIT can be configured via CLI arguments or via a configuration file (./config/dit_config.yaml). CLI arguments override settings stored in the configuration file. When calling ./dit.py -h - as depicted in section 2.1 - DIT prints out the current configuration that has been read from the configuration file.

2.3.1 ./config/dit_config.yaml

DIT comes with a default configuration you'll need to adapt before running an attack.

cat ./config/dit_config.yaml 
# configure spoofing/sniffing targets
targets:  
  iot_srv_ip: 192.168.183.129
  iot_srv_po: 1337
  iot_cli_ip: 192.168.183.128
  ciphers:
    # if no ciphers are configured, DIT will offer all ciphersuites available with mbedTLS
    #- TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
    #- TLS-PSK-WITH-AES-128-CCM-8
    #- TLS-RSA-WITH-AES-128-GCM-SHA256

# configure interface names
interfaces:
  ex_if_name: ens33
  lh_if_name: lo

# configure psk options
psk:
  cli_id: Client_identity
  pre_sh_key: DIT_secret

# configure certificate options
certificate:
  # default is RSA. "use_ecc" arg enables ECC and disables key_size
  use_cert: False
  key_size: 2048
  use_ecc: False

# configure local dtls services
local_services:
  lh_cli_ip: 127.0.0.1
  lh_cli_po: 1338
  lh_srv_ip: 127.0.0.1
  lh_srv_po: 1339

targets:

  • iot_srv_ip: IP address of the dtls server
  • iot_srv_po: Port the dtls server is listening on
  • iot_cli_ip: IP address of the dtls client
  • ciphers: List of cipher suites (using the OpenSSL format) DIT will offer/support when establishing the connections. When no suites are configured DIT offers/supports all cipher suites available with mbedTLS.

interfaces:

  • ex_if_name: Name of the external interface DIT will operate on.
  • lh_if_name: Name of the internal interface DIT will operate on. Local DTLS server and client services will operate on this interface.

psk:

  • cli_id: Client identy to be used when accepting / establishing DTLS connections. (Default key is 'Client_identity')
  • pr_sh_key: PSK to be used when accepting / establishing DTLS connections. (ASCII encoded)

certificate:

  • use_cert: Boolean value. Activates the usage of RSA certificates. DIT automatically creates and uses a corresponding certificate with "key_size" Bits in length.
  • key_size: Length of the RSA key in bits.
  • use_ecc: Boolean value. Activates the usege of ECC certificates. Only works when "use_cert" is set. Deactivates "key_size".

local services:

  • lh_cli_ip: IP address of the localhost interface the dtls client is running on. (typically 127.0.0.1)
  • lh_cli_po: Port the local client instance is accepting traffic on. (needn't be changed in a typical setup)
  • lh_srv_ip: IP address of the localhost interface the dtls server is running on. (typically 127.0.0.1)
  • lh_srv_po: Port the local server instance is accepting traffic on. (needn't be changed in a typical setup)

2.3.2 Command Line Arguments

DIT can be configured via Command Line Arguments. The arguments are listed and described when calling ./dit.py -h - as shown in section 2.1. Command Line Arguments override settings stored in the configuration file and are a fast way to adapt/test settings without changing the config file.

3. Use cases / Evaluation

Refer to https://github.com/CountablyInfinite/dit/tree/master/doc

Composable transformations of Python+NumPy programs: differentiate, vectorize, JIT to GPU/TPU, and more

JAX: Autograd and XLA Quickstart | Transformations | Install guide | Neural net libraries | Change logs | Reference docs | Code search News: JAX tops

Google 21.3k Jan 01, 2023
Code for CMaskTrack R-CNN (proposed in Occluded Video Instance Segmentation)

CMaskTrack R-CNN for OVIS This repo serves as the official code release of the CMaskTrack R-CNN model on the Occluded Video Instance Segmentation data

Q . J . Y 61 Nov 25, 2022
A PyTorch implementation of "From Two to One: A New Scene Text Recognizer with Visual Language Modeling Network" (ICCV2021)

From Two to One: A New Scene Text Recognizer with Visual Language Modeling Network The official code of VisionLAN (ICCV2021). VisionLAN successfully a

81 Dec 12, 2022
Unofficial PyTorch code for BasicVSR

Dependencies and Installation The code is based on BasicSR, Please install the BasicSR framework first. Pytorch=1.51 Training cd ./code CUDA_VISIBLE_

Long 59 Dec 06, 2022
A tool to estimate time varying instantaneous reproduction number during epidemics

EpiEstim A tool to estimate time varying instantaneous reproduction number during epidemics. It is described in the following paper: @article{Cori2013

MRC Centre for Global Infectious Disease Analysis 78 Dec 19, 2022
Fluency ENhanced Sentence-bert Evaluation (FENSE), metric for audio caption evaluation. And Benchmark dataset AudioCaps-Eval, Clotho-Eval.

FENSE The metric, Fluency ENhanced Sentence-bert Evaluation (FENSE), for audio caption evaluation, proposed in the paper "Can Audio Captions Be Evalua

Zhiling Zhang 13 Dec 23, 2022
Code for the tech report Toward Training at ImageNet Scale with Differential Privacy

Differentially private Imagenet training Code for the tech report Toward Training at ImageNet Scale with Differential Privacy by Alexey Kurakin, Steve

Google Research 29 Nov 03, 2022
PyTorch implementation of Deformable Convolution

PyTorch implementation of Deformable Convolution !!!Warning: There is some issues in this implementation and this repo is not maintained any more, ple

Wei Ouyang 893 Dec 18, 2022
Multiwavelets-based operator model

Multiwavelet model for Operator maps Gaurav Gupta, Xiongye Xiao, and Paul Bogdan Multiwavelet-based Operator Learning for Differential Equations In Ne

Gaurav 33 Dec 04, 2022
Official implementation of "Towards Good Practices for Efficiently Annotating Large-Scale Image Classification Datasets" (CVPR2021)

Towards Good Practices for Efficiently Annotating Large-Scale Image Classification Datasets This is the official implementation of "Towards Good Pract

Sanja Fidler's Lab 52 Nov 22, 2022
Study of human inductive biases in CNNs and Transformers.

Are Convolutional Neural Networks or Transformers more like human vision? This repository contains the code and fine-tuned models of popular Convoluti

Shikhar Tuli 39 Dec 08, 2022
A Shading-Guided Generative Implicit Model for Shape-Accurate 3D-Aware Image Synthesis

A Shading-Guided Generative Implicit Model for Shape-Accurate 3D-Aware Image Synthesis Figure: Shape-Accurate 3D-Aware Image Synthesis. A Shading-Guid

Xingang Pan 115 Dec 18, 2022
Simple is not Easy: A Simple Strong Baseline for TextVQA and TextCaps[AAAI2021]

Simple is not Easy: A Simple Strong Baseline for TextVQA and TextCaps Here is the code for ssbassline model. We also provide OCR results/features/mode

ZephyrZhuQi 51 Nov 18, 2022
Learning-based agent for Google Research Football

TiKick 1.Introduction Learning-based agent for Google Research Football Code accompanying the paper "TiKick: Towards Playing Multi-agent Football Full

Tsinghua AI Research Team for Reinforcement Learning 90 Dec 26, 2022
A self-supervised 3D representation learning framework named viewpoint bottleneck.

Pointly-supervised 3D Scene Parsing with Viewpoint Bottleneck Paper Created by Liyi Luo, Beiwen Tian, Hao Zhao and Guyue Zhou from Institute for AI In

63 Aug 11, 2022
Machine Learning University: Accelerated Computer Vision Class

Machine Learning University: Accelerated Computer Vision Class This repository contains slides, notebooks, and datasets for the Machine Learning Unive

AWS Samples 1.3k Dec 28, 2022
Object detection GUI based on PaddleDetection

PP-Tracking GUI界面测试版 本项目是基于飞桨开源的实时跟踪系统PP-Tracking开发的可视化界面 在PaddlePaddle中加入pyqt进行GUI页面研发,可使得整个训练过程可视化,并通过GUI界面进行调参,模型预测,视频输出等,通过多种类型的识别,简化整体预测流程。 GUI界面

杨毓栋 68 Jan 02, 2023
Negative Interactions for Improved Collaborative Filtering:

Negative Interactions for Improved Collaborative Filtering: Don’t go Deeper, go Higher This notebook provides an implementation in Python 3 of the alg

Harald Steck 21 Mar 05, 2022
Meta-TTS: Meta-Learning for Few-shot SpeakerAdaptive Text-to-Speech

Meta-TTS: Meta-Learning for Few-shot SpeakerAdaptive Text-to-Speech This repository is the official implementation of "Meta-TTS: Meta-Learning for Few

Sung-Feng Huang 128 Dec 25, 2022
Keras community contributions

keras-contrib : Keras community contributions Keras-contrib is deprecated. Use TensorFlow Addons. The future of Keras-contrib: We're migrating to tens

Keras 1.6k Dec 21, 2022