SSL Handshake

[rickuz]

Hi Guys,

I installed Mallory on Ubuntu and activated:

ssl_1: sslproto.SSLProtocol:5222

ssl_2: sslproto.SSLProtocol:443

http_1:http.HTTP:80

i also imported the root ca ./ca/ca.crt into my Phones

so now when i am trying to use the TwitterAPP or WhatsApp on my iPhone i get this debug msg:

[*] [2012-07-17 11:00:14,976] DEBUG:SSLProtocol: Initializing

[*] [2012-07-17 11:00:14,976] DEBUG:Mallory.main: created a <class 'protocol.sslproto.SSLProtocol'> class

[*] [2012-07-17 11:00:14,976] DEBUG:ConfigRules.getrules: <class Rule Debug All -- addr:* port:* proto:* direction:* payload:* passthru:False (<rule.Debug object at 0x97bda6c>)>

[*] [2012-07-17 11:00:14,977] DEBUG:ConfigRules.getrules: client requested rules -  [<rule.Rule object at 0x97bda2c>]

[*] [2012-07-17 11:00:14,977] DEBUG:SSLProto: configure_server_socket

[*] [2012-07-17 11:00:16,204] ERROR:main: error connecting to remote

Traceback (most recent call last):

  File "./mallory.py", line 450, in main

    protoinst.destination.connect((shost, int(sport)))

  File "/usr/lib/python2.6/ssl.py", line 309, in connect

    self.do_handshake()

  File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake

    self._sslobj.do_handshake()

SSLError: [Errno 8] _ssl.c:480: EOF occurred in violation of protocol

(<class 'ssl.SSLError'>, SSLError(8, '_ssl.c:480: EOF occurred in violation of protocol'), <traceback object at 0x988cf04>)

[*] [2012-07-17 11:00:17,075] INFO:main: got connection from: 10.0.0.47:51119

 

I figured that this is a ca problem, so i user the ./src/clean.sh and ./src/cert.sh (dont know if this was necessary but i tried it anyway. But same problem.

Do u guys have any idea?

Thanks for your time and help

Patrick

[rickuz]

or is that the hardcoded CA Problem