mitm comment

author seantywork <seantywork@gmail.com>

Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)

committer seantywork <seantywork@gmail.com>

Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)
author seantywork <seantywork@gmail.com>
Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)
committer seantywork <seantywork@gmail.com>
Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)
diff --git a/mitm-tls/2506-02.xyz.md b/mitm-tls/2506-02.xyz.md

index df46c502d7b6e4678c4d139980e54dceda3a5c53..517bee7cd6b3aa81aabffa6af4b0cfb3fa95a9be 100644 (file)
--- a/mitm-tls/2506-02.xyz.md
+++ b/mitm-tls/2506-02.xyz.md
@@ -289,6 +289,36 @@ The "session_hash" is intended to encompass all relevant session
  
  ```
  
+# 13-1
+
+```c
+     // do serve listens from PF_PACKET socket
+void do_serve();
+  |  
+  |  // process rx actually captures the packet
+  |
+void* process_rx(const int fd, char* rx_ring, int* len);
+  |
+  |  // sniff packet lets sniff action handles the packet,
+  |  // if it's TCP
+  |
+void sniff_packet(void* packet);
+  |
+  |  // by examining TLS flag, it gathers data from Client Hello, Server Hello,
+  |  // etc untils it hits Client Key Exchange
+  |  
+void sniff_action(uint8_t* dataraw);
+  |
+  |  // if it's Client Key Exchange, it runs the process of
+  |  // hijacking master secret
+  ------>  int hijack_key();
+  |
+  |  // if it successfully hijacked master secret
+  |  // it's time to decrypt the client message!
+  ------> int cbc256_decrypt(uint8_t* enc_msg, int enclen, uint8_t* cbc_key, uint8_t* cbc_iv, uint8_t* plain_msg);
+
+```
+
  
  # 13
author	seantywork <seantywork@gmail.com>
	Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)
committer	seantywork <seantywork@gmail.com>
	Mon, 9 Jun 2025 07:42:46 +0000 (16:42 +0900)