7/23/2019 How-To (1)

1/15

Python Protocol SimulatorBy Sergej repfler (sergej.srepfler@gmail.com)

Ver 0.3

A quick guide

1. How to buil iameter message flow usi!g lib"iameter.......................................#1.1 $opyi!g e%isti!g iameter pac&ets..............................................................#1.# Buili!g re'uest wit V*s..........................................................................31.3 +i%i!g V*s a! u!&!ow! ,alues...............................................................-

#. How to buil raius message flow usi!g ra$lie!t...............................................#.1 $opyi!g e%isti!g raius pac&ets..................................................................

#.# Buili!g re'uest wit V*s........................................................................../#.3 +i%i!g V*s a! u!&!ow! ,alues...............................................................3. *2*ayloa*2+essage..............................................................................10

3.1 4eal time *2S5+ calculatio!s (3 algoritm)...................................103.# 4eal time *26 calculatio!s (mile!age algoritm)..............................103.3 4eal time *267 calculatio!s (mile!age algoritm).............................11

-. Bug reports........................................................................................................ 1#8. ppe!i% 1 2 * calculatio!s...........................................................................13. ppe!i% # 9 $ompili!g calc..............................................................................1-/. ppe!i% 3 9 %ter!al sources : ;ice!ces........................................................18

mailto:sergej.srepfler@gmail.commailto:sergej.srepfler@gmail.com

7/23/2019 How-To (1)

2/15

1. How to build diameter message flow usinglibDiameter

7/23/2019 How-To (1)

3/15

Cote tat 5 just copy2paste te ,alue from wiresar& put tem u!er 'uotes a!ga,e tem appropriate !ame.

Here is simplifie a! mi!imalistic e%ample. See e%ample files for more i!fo. Dreyeis te pyto! script.

#!/usr/bin/env python

from diamClient import *

if __name__ == '__main__': HOS='server' O"=$%$

*lease moify H?SE a! *?4E to proper ,alues (you7ll efi!itely wa!t to ca!geH?SE to your ser,er ost!ame5*). "ictio!ary is !ot use i! tis e%ample.

Conn=Conne&tHOS(O") # et's build C+"

*lease i!sert !ewly create $4 ,ariable after tis. Cote tat pyto! usesi!e!tatio! so please o it rigt. %amples i! tis ocume!t are C?E alig!eproperly. *lease see e%amples irectory or rea some pyto! ma!ual. Eis ,ariablesoul be i! si!gle li!e

C+"=',-,,,,$&$,,,,-,-,,,,,,,,,,,,,,,-,$%,,,,-,,,,,-,$.,,,,,-%.%-0e,0%1%e.0e%%f%d,,,,,,,,,-0$.,,,,,-0,0%1%e.0e%%f%d,,,,,,,,,-,-.,,,,,,e,,,-,a-e%,&$,,,,,,,,,-,a.,,,,,,&,,,,0$af,,,,,-,d,,,,,,-2.&%-%e%.%&%1%.%2.$2.2,,,,,,,,,,,-,0.,,,,,,&,-,,,,0

0,,,,,--%.,,,,,,&.f0a,$%'# send data

Conn3sendC+"3de&ode'he4')) # "e&eive response re&eived = Conn3re&v-,0.)

e! o!eplease close co!!ectio!.

Conn3&lose)

! we are o!e. Eis is C?E te full message flow but it sowe you ow to

'uic&ly buil te iameter messages usi!g iam$lie!t a! e%isti!g s!oop from>iresar&.

1.2 Building request with AVPsEis is rater simple 9 ma!ually a all V*s to message. Fust be sure tat ;;V*s are i! ictio!ary. $omma!s a! Ve!ors are efi!e i! ictio!ary so ma&esure tat you "5" loa te iameter ictio!ary wit comma!

oad5i&tionary6di&t5iameter34ml6)

;et7s buil $4 (Cote= Gse your ,alues for ?45D5CH?SE a! ?45D5C4;+)=

# et's build C+"

7/23/2019 How-To (1)

4/15

C+"_avps=7 8 C+"_avps3appenden&ode9'Ori;inCEE? $HCD a! Gser2Came > "? >CE E? $HCD.

Cote= ,alues irectly from wiresar& s!oop. ?pe! V* youwa!t to copy rigt2clic& o! it a! $opy Bytes as He%2Stream. 4emember 9 alwaysclic& o! E?*+?SE le,el of V* you wa!t to copy !ot o! e%pa!e o!es.

?!ce we ca! see ,alues i! wiresar& we wa!t to copyca!ge we ca! ma&e a!y mi%we wa!t to. $apital letter ,ariables are for clarity. 4eplace tem wit e%pecte ,alues

# et's build 5+" 5+"_avps=78 5+"_avps3appenden&ode96Ori;in

7/23/2019 How-To (1)

5/15

5+"_avps3append6,,,,,-&e.,,,,,.,,0,,,,$,-,-0---0000,,,%0.,%&%-%e0e%d%e%,00e%d%%0%00e%,,%e%2.%f0%b0e%f0%6) 5+"_avps3append6,,,,,.,$&,,,,,-,,,,,0$af,,,,,,,,6) # ust to ilustrate that you &an mi4 it any Day you Dant 5+"_avps3append6,,,,,2e,&,,,,,-,,,,,0$af.$202,..6) 5+"_avps3appenden&ode969uthrouped 9s are en&oded liGe this 5+"_avps3appenden&ode96endor

7/23/2019 How-To (1)

6/15

. How to build radius message flow using rad!lient

iresar&s a! ope! your s!oops.?pe! te raius message you wa!t to copyemulate a! o te rigt2clic& o! 4aiusmessage a! $opy te Bytes as He%2Stream.

5! my e%ample 5 will copy te raius message so te bytes woul be

0b030081af1AAaA0acbc1abAc#effa-c-f0e010#000c1/0800000010000801#AAf0A#fca-/c#b8A/3e1bfc3a101##81ee1f-bccAa--A/3##f#8303e-eA0#3aA8#bffAc0#fc#8e00eb

So 9 let7s buil our message to i!clue i!to pyto!

+SDJ0b030081af1AAaA0acbc1abAc#effa-c-f0e010#000c1/0800000010000801#AAf0A#fca-/c#b8A/3e1bfc3a101##81ee1f-bccAa--A/3##f#8303e-eA0#3aA8#bffAc0#fc#8e00ebJ

Cote tat 5 just copy2paste te ,alue from wiresar& put tem u!er 'uotes a!ga,e tem appropriate !ame.

7/23/2019 How-To (1)

7/15

Here is simplifie a! mi!imalistic e%ample. See e%ample files for more i!fo. Dreyeis te pyto! script.

#!/usr/bin/env python

from radClient import *

if __name__ == '__main__': HOS='server' O"=$%$

*lease moify H?SE a! *?4E to proper ,alues (you7ll efi!itely wa!t to ca!geH?SE to your ser,er ost!ame5*). "ictio!ary is !ot use i! tis e%ample.

Conn=so&Get3so&Getso&Get39I_?+( so&Get3SOCJ_5>"9@) # et's build messa;e

*lease i!sert !ewly create ,ariable after tis. Cote tat pyto! uses i!e!tatio! soplease o it rigt. %amples i! tis ocume!t are C?E alig!e properly. *lease seee%amples irectory or rea some pyto! ma!ual. Eis ,ariable soul be i! si!gleli!e

ms;=6,b,,,2%-%af-11ad$1,%a&b&-ab%1&0eff$%a.&.f,e,-,0,,,&-,2,,,,,d,-,,,,2,-01$1f,10f&a%.&0b21ed-bf&a-$,d-$00d2-ee-f$.$b&&1a..10$0f%02,e.e1,0a12%0b$ff1&,0f%dd&0$d2e,,eb6

# send data Conn3sendtoms;3de&ode6he46)(HOS(O")) # "e&eive response re&eived = Conn3re&v-,0.)

e! o!e pleaseclose co!!ectio!.

Conn3&lose)

! we are o!e. Eis is C?E te full message flow but it sowe you ow to'uic&ly buil te raius messages usi!g ra$lie!t a! e%isti!g s!oop from>iresar&.

2.2 Building request with AVPs

Eis is rater simple 9 ma!ually a all V*s to message. Fust be sure tat ;;V*s are i! ictio!ary. $omma!s a! Ve!ors are efi!e i! ictio!ary so ma&esure tat you "5" loa te raius ictio!ary wit comma!

oad5i&tionary6di&t"adius34ml6)

;et7s buil raius message (Cote= Gse your ,alues for ?45D5CH?SE a!?45D5C4;+)=

# et's build messa;e "+S_avps=78 "+S_avps3appenden&ode96State6( S9+))

"+S_avps3appenden&ode96Callin;

7/23/2019 How-To (1)

8/15

"+S_avps3appenden&ode96Called

7/23/2019 How-To (1)

9/15

! !ow procee wit ai!g eaer fiels a! ma&i!g it te proper 4aiusmessage

# Create messa;e header empty) "+S=H5"tem) # Set &ommand &ode "+S3Code=di&tCO@@9?5name0&ode69&&ess

7/23/2019 How-To (1)

10/15

". #AP$Payload%#AP$&essageEo be able to createmoifyecoe * message import * moule.

#!/usr/bin/env python

from KKKClient import *import eap

if __name__ == '__main__': HOS='server' O"=$%$ oad5i&tionary6di&tKKKK34ml6) eap3oad+95i&tionary6di&t+934ml6)

! from !ow o! you ca! access * messages i! similar ma!!er.See i!clue e%amples for more etails.

3.1 "eal time #AP$%& calculations 'A3(A) algorithm*Eere is !o Jsta!arJ algoritm to calculate *2S5+ ,alues. 3D** publise$?+*1# as pri,ate algoritm (a,ailable o!ly to members) but tere is !oguara!tee tat your pro,ier will use e%act algoritm (it ca!ge o,er te years ueto security breac). Still 9 it is i!clue for complete!ess.

3.2 "eal time #AP$A+A calculations 'milenage algorithm*5f you &!ow ?* a! 6 for your subscriber (?perator2Specific $o!sta!t a!Subscriber Secret 6ey) it is possible to y!amically calculate all &eys.See e%ampleeap6calc.py for e%ample ow to o it. Here is o!ly i!teresti!gpart=

# art Lust to shoD Gey &al&ulation # Cal&ulation of +9 Jeys O=6aaaabbbb&&&&ddddaaaabbbb&&&&dddd6 J=66 dentity=6----0000.2%Fmn&-3m&&03;ppnetDorG3or;6 SM? = 6,,,,,,,,,,,-6 9@I = 66

# "9?5 is &opied from Challen;e "9?5=6&e1e0d$%&&$%dde.&&$$11-%-$.d26 N"+S(CJ(J(9J(9JS=eap3aGa_&al&_milena;eO(J("9?5) J+?C"(J9E(@SJ(+@SJ(@J=eap3aGa_&al&_Geysdentity(CJ(J) # 9E? is a&tually SM? 4or 9J 9@I N@9C params=6,46O6 ,46J6 ,46"9?56 ,46SM?6 ,469@I N@9C(@9CS=eap3e4e&_&al&6milena;e

7/23/2019 How-To (1)

11/15

3.3 "eal time #AP$A+A, calculations 'milenagealgorithm*

5f you &!ow ?* a! 6 for your subscriber (?perator2Specific $o!sta!t a!Subscriber Secret 6ey) it is possible to y!amically calculate all &eys.See e%ampleeap6*calc.py for e%ample ow to o it.

Ee o!ly iffere!ce betwee! 6 a! 67 is fuctio! for &ey calculatio! (will it useSH21 or SH2#8). Here is o!ly i!teresti!g part

# art Lust to shoD Gey &al&ulation # Cal&ulation of +9 Jeys O=6aaaabbbb&&&&ddddaaaabbbb&&&&dddd6 J=66dentity=6----0000.2%FDlan3mn&---3m&&0003;ppnetDorG3or;6 SM? = 6,,,,,,,,,,,-6 9@I = 66 # "9?5 is &opied from Challen;e "9?5=6&e1e0d$%&&$%dde.&&$$11-%-$.d26 N"+S(CJ(J(9J(9JS=eap3aGa_&al&_milena;eO(J("9?5) params=6,46O6 ,46J6 ,46"9?56 ,46SM?6 ,469@I N@9C(@9CS=eap3e4e&_&al&6milena;e

7/23/2019 How-To (1)

12/15

'. (ug re)orts*lease se! a!y ca!ges e!a!ceme!ts fi%es bug reports a! successfule%amples to my email. 5f you li&e tis tool a small o!atio! migt e!courage me to

e%te! it a bit furter.

7/23/2019 How-To (1)

13/15

*. A))endi+ 1 $ #AP calculationsKor all calculatio!s e%ter!al $ program is use. 5f you ru! it witout a!y parametersit will sow you usage e%amples. *refi% 0% i!icate tat ,alue soul be HL

e!coe wit 0% at te begi!!i!g.

a&a M5e!tityN M0%$&N M0%5&N a&aprime M5e!tityN M0%$&N M0%5&N mac1 M0%6autN M0%+SDN mac#8 M0%6autN M0%+SDN mile!age2f#3-8 M0%?*N M0%6N M0%4C"N mile!age2f1 M0%?*N M0%6N M0%4C"N M0%SOCN M0%+KN e!coe M0%5VN M0%6e!crN M0%+SDN ecoe M0%5VN M0%6e!crN M0%+SDN

?utput of a&a= +6 *4K 6C$4 6GE +S6 +S6?utput of a&aprime= 6C$4 6GE 64 +S6 +S6?utput of mac1 or mac#8= +$?utput of mile!age2f#3-8= L4S $6 56 6 6P?utput of mile!age2f1= L+$ +$S?utput of e!coe= e!crypte ,alue to be place i! EC$4"E?utput of ecoe= ecrypte V*s

7/23/2019 How-To (1)

14/15

,. A))endi+ - !om)iling calcEe source for all calculatio!s is i!clue. Eo compile it use e!closecalccompile.s. 5t soul be possible to compile it o! oter platforms as well (wit

probably some ca!ges ue to e!ia!!ess). ll supporti!g fu!ctio!s for calc.c wereta&e! from ostap source (ttp=w1.fiostap ) so if you are wa!eri!g about it 9ta&e a loo& at te origi!al sources$ompilatio! was teste=

?! ;i!u% wit gcc ?! 5!tel2base Solaris 10 wit gcc ?! >i!ows L* wit +i!D> (www.mi!gw.org)

Eo ,erify calculatio!s for !ewly built applicatio! i!clue is calctest.s script. 5tsoul report *SS or K5; for all supporte calculatio!s.

http://www.mingw.org/http://www.mingw.org/

7/23/2019 How-To (1)

15/15

. A))endi+ " - #+ternal sources / 0icences

*y*S itself is a,ailable u!er te terms of BS" lice!ce. See 4"+ for more

etails.

* $alculatio!s are performe usi!g coe from ostap$opyrigt (c) #00#2#01# Fou!i +ali!e! Mj@w1.fiN a! co!tributors.ttp =ostap .epitest.fiostap Eis software may be istribute use a! moifie u!er te terms of BS"lice!se. See 4"+ for more etails.

"ictio!ary co!tai!s ata from >iresar& ictio!aryttp=www.wiresar&.org>iresar&Q is a,ailable u!er te DCG De!eral *ublic ;ice!se ,ersio! #.

$?+*1# 3 lgoritm impleme!tatio!$opyrigt 1AA +arc Brice!o 5a! Dolberg a! "a,i >ag!er.ttp=www.scar.orggsm

http://hostap.epitest.fi/hostapd/http://hostap.epitest.fi/hostapd/http://hostap.epitest.fi/hostapd/http://hostap.epitest.fi/hostapd/http://www.wireshark.org/http://www.scard.org/gsmhttp://hostap.epitest.fi/hostapd/http://www.wireshark.org/http://www.scard.org/gsm