無法使用scapy和scapy ssl庫發送HTTP/2 GET請求

Question

我想通過使用scapy ssl庫的TLS 1.2發送HTTP/2 GET請求。代碼如下。我沒有收到任何錯誤，但網頁也沒有收到。請讓我知道代碼的問題。

#!/usr/bin/env python 
# -*- coding: utf-8 -*- 

from __future__ import with_statement 
from __future__ import print_function 
import socket 
import sys 

try: 
    # This import works from the project directory 
    from scapy_ssl_tls.ssl_tls import * 
except ImportError: 
    # If you installed this package via pip, you just need to execute this 
    from scapy.layers.ssl_tls import * 

tls_version = TLSVersion.TLS_1_2 


def tls_hello(sock): 
    client_hello = TLSRecord(version=tls_version)/TLSHandshake() /\ 
        TLSClientHello(version=tls_version, compression_methods=[TLSCompressionMethod.NULL, ], 
            cipher_suites=[TLSCipherSuite.ECDHE_RSA_WITH_AES_128_CBC_SHA256, ], extensions=[TLSExtension()/
             TLSExtALPN(protocol_name_list=[TLSALPNProtocol(data="h2"), 
             TLSALPNProtocol(data="h2-16"), 
             TLSALPNProtocol(data="h2-14"), 
             TLSALPNProtocol(data="http/1.1"), 
                      ])],) 
            # cipher_suites=[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA, ]) 
            # cipher_suites=[TLSCipherSuite.RSA_WITH_RC4_128_SHA, ]) 
            # cipher_suites=[TLSCipherSuite.DHE_RSA_WITH_AES_128_CBC_SHA, ]) 
            # cipher_suites=[TLSCipherSuite.DHE_DSS_WITH_AES_128_CBC_SHA, ]) 
    sock.sendall(client_hello) 
    server_hello = sock.recvall() 
    server_hello.show() 


def tls_client_key_exchange(sock): 
    client_key_exchange = TLSRecord(version=tls_version)/TLSHandshake()/sock.tls_ctx.get_client_kex_data() 
    client_ccs = TLSRecord(version=tls_version)/TLSChangeCipherSpec() 
    sock.sendall(TLS.from_records([client_key_exchange, client_ccs])) 
    sock.sendall(to_raw(TLSFinished(), sock.tls_ctx)) 
    server_finished = sock.recvall() 
    server_finished.show() 


def tls_client(ip): 
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 
    try: 
     sock.connect(ip) 
     sock = TLSSocket(sock, client=True) 
     print("Connected to server: %s" % (ip,)) 
    except socket.timeout: 
     print("Failed to open connection to server: %s" % (ip,), file=sys.stderr) 
    else: 
     tls_hello(sock) 
     tls_client_key_exchange(sock) 
     print("Finished handshake. Sending application data (GET request)") 
    print("+++++++++++++++++") 
    sock.sendall(to_raw(TLSPlaintext(data="PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"), sock.tls_ctx)) 
    #sock.sendall(to_raw(TLSPlaintext(data="GET/HTTP/1.1\r\nHOST: localhost\r\n\r\n"), sock.tls_ctx)) 
    print("+++++++++++++++++") 
    resp = sock.recvall() 
     print("Got response from server") 
     resp.show() 
     print(sock.tls_ctx) 
    finally: 
     sock.close() 

if __name__ == "__main__": 
    if len(sys.argv) > 2: 
     server = (sys.argv[1], int(sys.argv[2])) 
    else: 
     server = ("127.0.0.1", 443) 
    tls_client(server) 

這我得到的輸出是：

Connected to server: ('127.0.0.1', 443) 
###[ SSL/TLS ]### 
    \records \ 
    |###[ TLS Record ]### 
    | content_type= handshake 
    | version = TLS_1_2 
    | length = 0x55 
    |###[ TLS Handshake ]### 
    |  type  = server_hello 
    |  length = 0x51 
    |###[ TLS Server Hello ]### 
    |  version = TLS_1_2 
    |  gmt_unix_time= 1964528416 
    |  random_bytes= '\xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X' 
    |  session_id_length= 0x20 
    |  session_id= '\x93\xfd\x95\xbc\x1d68w\x19{8\x83dz\xb4\\r\x81\xb7&\xb5\x14\x1d\xfc<fR\x00\xe7\xd3{\x90' 
    |  cipher_suite= ECDHE_RSA_WITH_AES_128_CBC_SHA256 
    |  compression_method= NULL 
    |  extensions_length= 0x9 
    |  \extensions\ 
    |   |###[ TLS Extension ]### 
    |   | type  = application_layer_protocol_negotiation 
    |   | length = 0x5 
    |   |###[ TLS Extension Application-Layer Protocol Negotiation ]### 
    |   |  length = 0x3 
    |   |  \protocol_name_list\ 
    |   |  |###[ TLS ALPN Protocol ]### 
    |   |  | length = 0x2 
    |   |  | data  = 'h2' 
    |###[ TLS Record ]### 
    | content_type= handshake 
    | version = TLS_1_2 
    | length = 0x41f 
    |###[ TLS Handshake ]### 
    |  type  = certificate 
    |  length = 0x41b 
    |###[ TLS Certificate List ]### 
    |  length = 0x418 
    |  \certificates\ 
    |   |###[ TLS Certificate ]### 
    |   | length = 0x415 
    |   | \data  \ 
    |   | |###[ Raw ]### 
    |   | | load  = '0\x82\x04\x110\x82\x02\xf9\xa0\x03\x02\x01\x02\x02\t\x00\xf6\x7f)\x04Yq\x7f\x830\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000\x81\x9e1\x0b0\t\x06\x03U\x04\x06\x13\x02IN1\x170\x15\x06\x03U\x04\x08\x0c\x0eMadhya-Pradesh1\x0f0\r\x06\x03U\x04\x07\x0c\x06Indore1\x130\x11\x06\x03U\x04\n\x0c\nIIT Indore1\r0\x0b\x06\x03U\x04\x0b\x0c\x04DCSE1\x180\x16\x06\x03U\x04\x03\x0c\x0fhttp2.nikhil.me1\'0%\x06\t*\x86H\x86\xf7\r\x01\t\x01\x16\x18phd1401101002@iiti.ac.in0\x1e\x17\r170403070657Z\x17\r200402070657Z0\x81\x9e1\x0b0\t\x06\x03U\x04\x06\x13\x02IN1\x170\x15\x06\x03U\x04\x08\x0c\x0eMadhya-Pradesh1\x0f0\r\x06\x03U\x04\x07\x0c\x06Indore1\x130\x11\x06\x03U\x04\n\x0c\nIIT Indore1\r0\x0b\x06\x03U\x04\x0b\x0c\x04DCSE1\x180\x16\x06\x03U\x04\x03\x0c\x0fhttp2.nikhil.me1\'0%\x06\t*\x86H\x86\xf7\r\x01\t\x01\x16\x18phd1401101002@iiti.ac.in0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe1\xc3\x9cN\xc7gDz\xces\xca\'F&\x17\xcb\xe8e\xea\xdd_\x07\x9a\xab\xbf\xc6$\xfe\xf7\x84\x9d\x97|H\xdd3\xfdi\xbf\x17\xfe\x92\xad\x99..q\x97\x00\xcf\xad\xbcd\xe1j\x9e\x9b\xbcq\r\xd2~ \x98\xc8\x8c\x11\xdc\xd3G\x8e\x19b\x98\xde\xff\x13\xae{\xf4\x86\x99\xda\xb3(\\\xad\xd4B\x89\xb1\xdf?\x02\x04P\xe3\xe5\xe4\xa3\x13\xae>\x1e\xff\x18\x12\xd2x\x05\xa8\x88\xffY\xad\xbb\xfc\x95\x06|\xda\x8du&\xe6\'\xdd\xe3bY\xbd\x00\x9c\x14\xb6Kf\xbfu\x96\x87B\x80\x11\xe5d\x90\x0f\x05\x8f,\x95:1\xc1p[\x17\xe7c\x17{+\xc1\x03w\x87\xc1\xc2\x07\x9a<\x96\xa1\x9e\xa2e\xa5Rs\x88x\xd8m\xed\xa4h\xba\x83\xf9m\xd6H\xe0\xf4\x19\x97\xces\xe1\x04\x97\x1ae\xffV\xe6|\xdfV\xd5Q!Z6\xa0\x19C\xe5\xfd\n\xb5P\x9ch\x992\xf8\xce\x85\x15\xb1<\xd2\x95\x06\xa9\x9a\xdf\xa8\xef\x0e2\xa55\xb1Y\x19\x06\xb2y<\xea37e\x02\x03\x01\x00\x01\xa3P0N0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x149\xfe=n\x15\xa9P\xc5\xd4\x07\x8bF5\xa8\x05N\x0e\xa4\xf6\xa20\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x149\xfe=n\x15\xa9P\xc5\xd4\x07\x8bF5\xa8\x05N\x0e\xa4\xf6\xa20\x0c\x06\x03U\x1d\x13\x04\x050\x03\x01\x01\xff0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\xbck\x1c\xfb\xc9\xac]\x04\x12b\xc5\xf4!~\xb7\xc6\xa6Q[\x00S\xf2\xb1\xbe\xa1\x8fv\xb0\x90\x1f@Z\x10m<1\xe2\x9c\xf0\x1c\x922|\xde\x02?(#\xee{\xca\xc0\xc1\xe0\x88\xde6\x18,P\xa5\\\xb7\xa8\xa4\x80\xd6w\xc4\x99\xea:\xcf8\xd6\xbd(\xf2\xd7\x85j\x9f\xf7\x7f8\xd8\xcb\xf5?aIM\x97\x988\xe3\xe8t\xf4\x14\x95\xdeI\xc4\xce0\x9c\xbe\xdc7\x1d\xd6<OT\x811\xc2\x9f\xee\x7f{\xd5hJ\x0f\xa6\x8f\xe6\x7f\x18\xcd\x1f\\/\xa2&\xff\x83ee-\x83\x81\xb6\xbe\x05\xd23\xee\xf6\xae\x8e\x8fr\x80\xa0wai\x14Q\xa9\x85\x9e33@\xa6\x11(\x12(\xf9t\xdc& v\x7fw\xab\xc7\xda\xcfOU\x08\xa8\xcf^\xc0z\xfao=I"\x9e<*[\r\t\xc5}\xe3\t\x07\xf07\xd7\xc3\xf7\x1d\xa55\x00w\xdc=\xf0\xae\xec|\xc1\x97\x00\xa4\x9a\xf5e\x05\x92D\x1bl\xa7\xda\xf5\x80*\x96\xfe"J\x9c:\xdb(u\xaf5\x0b\x1cq' 
    |###[ TLS Record ]### 
    | content_type= handshake 
    | version = TLS_1_2 
    | length = 0x14d 
    |###[ TLS Handshake ]### 
    |  type  = server_key_exchange 
    |  length = 0x149 
    |###[ TLS Server Key Exchange ]### 
    |###[ TLS EC Diffie-Hellman Server Params ]### 
    |   curve_type= named_curve 
    |   curve_name= secp256r1 
    |   p_length = 0x41 
    |   p   = '\x04\xa8\x11\x0e\x90\x03\xf2\xc3~{=\x8dN\xd4\x1a6bZc0\xac\x02\xc8+\xe09\xaf\x83CO\xa4Z\x99\xc2h\x84\xc0\xb0\xd95Ogp\x949\xcb\xfc/E\tF\x99\xa5\x11\xd8\xb0+\xfd\xa4\xfb\x0c\x01h\xcb1' 
    |   hash_type = sha1 
    |   sig_type = rsa 
    |   sig_length= 0x100 
    |   sig  = "C}\x0f\x02\xf0\xd2\xf1\x91\x01\xae`Gy\\\xf4'\xba\\\x1f\xd8\xbc\xd0\xca\x9e\xff\x9d\xb4\x83t\xdai/IP\xc7\xa0\x9b'\xcc{\xec[\xc7W\x1d\xb0\xd9\x11\xbb\xb8R\xad\xf0\xf6\xcaA{t\x18o/\x8e\xf6\x86\xba2C\xfe`j\xc9=\xd0w\xfbx\xaa\xa6S\x9b\xf8\x80\xf0\x16\xf8\xc1E\xbf\xba\xe1j\xbd\x03u_x}\xae\x86\x7f,U\xf9\xf0\\f\xef\xa5\xa7\xa3\xca`6\x93kH\xfe\xedy\xfc\xb2\xd7\xec\\\x9eg\xc8Ae\x125\xb4\xb1\xa0)\xbd\xc5\xb6@\xee\xcc;3rk\xdey\x81%\x014GH\x9fU\xa1&\x14\x9d\x81<Zu\x95\x14I\xbaEY\xac(\x08nea)\x12\x0fo\xc4\xde\xc2D\x16XA\xcb\x08\x8b\xe0\xebe\x0b\xbb\xfe\xe8\xd7j\xecT\x8a\xbe\xd7V\x8by\x01\xd9\xce\x11\x02\xd1\xa3\xf3\x14\x9a=\xe0\xbf\xe3\xc8=\x0f\xce\x9a\xc2\xb2\x85\x1a\x16y#[+y\xefq\xb3?\x8f=}\x91\xc9\x06\xe0[\xce;\x92n_\x91\xb9m^" 
    |###[ TLS Record ]### 
    | content_type= handshake 
    | version = TLS_1_2 
    | length = 0x4 
    |###[ TLS Handshake ]### 
    |  type  = server_hello_done 
    |  length = 0x0 
###[ SSL/TLS ]### 
    \records \ 
    |###[ TLS Record ]### 
    | content_type= change_cipher_spec 
    | version = TLS_1_2 
    | length = 0x1 
    |###[ TLS ChangeCipherSpec ]### 
    |  message = '\x01' 
    |###[ TLS Record ]### 
    | content_type= handshake 
    | version = TLS_1_2 
    | length = 0x50 
    |###[ TLS Handshake ]### 
    |  type  = finished 
    |  length = 0xc 
    |  explicit_iv= 'g\xb2N\xb3y,\xa9\n\xc6\x9d\xc7m\xc9\xe5\x11[' 
    |  mac  = '\xdaw0\x9fF\xd3\xa7?P\xf26\xa5\xb8`A\x90p\x07G\xfa\x92\xe2\x86\x98\x02\x94G\xc0\x90\xe2\xc2\xd2' 
    |  padding = '\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f' 
    |  padding_len= 0xf 
    |###[ TLS Handshake Finished ]### 
    |  data  = '\x87\x1f!\xc7\x177&\xd7\xcb\x1b$\x00' 
    |###[ TLS Record ]### 
    | content_type= application_data 
    | version = TLS_1_2 
    | length = 0x60 
    |###[ TLS Plaintext ]### 
    |  data  = '\x00\x00\x1a\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0cUnknown error code' 
    |  explicit_iv= '\xac3`\x01\xcdF3\x1b\x98H\xcc\xe2\xb6\x97\xa1\xca' 
    |  mac  = '\xf8l5\xab\x044>\xd4\x17F\xba\xe0\xff:\xbf\xed\xcbf \xcf\x1f\xd0\xb8\xc2\xd5\xec\x05\xc2e\x01\xcd_' 
    |  padding = '\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c' 
    |  padding_len= 0xc 
    |###[ TLS Record ]### 
    | content_type= alert 
    | version = TLS_1_2 
    | length = 0x40 
    |###[ TLS Alert ]### 
    |  level  = warning 
    |  description= close_notify 
    |  explicit_iv= '\x89\r\xf5\xbe,R\x0e8\xad5c\x05\x99\xea\xeb\x80' 
    |  mac  = 'c\xef\x08\xbfI\xf5\x85E\xd9\xb8\xa5C\n@\xdc\xf6\x96\x03\xdb\xb4\x0b\xb7\x04\x84?\x80R\xa8\xfd\xaa\x16\x99' 
    |  padding = '\r\r\r\r\r\r\r\r\r\r\r\r\r' 
    |  padding_len= 0xd 
Finished handshake. Sending application data (GET request) 
+++++++++++++++++ 
+++++++++++++++++ 
Got response from server 
###[ SSL/TLS ]### 
    \records \ 
<TLSSessionCtx: id=140259983147536 
    params.handshake.client=<TLSClientHello version=TLS_1_2 cipher_suites=['ECDHE_RSA_WITH_AES_128_CBC_SHA256'] compression_methods=['NULL'] extensions=[<TLSExtension type=application_layer_protocol_negotiation |<TLSExtALPN protocol_name_list=[<TLSALPNProtocol data='h2' |>, <TLSALPNProtocol data='h2-16' |>, <TLSALPNProtocol data='h2-14' |>, <TLSALPNProtocol data='http/1.1' |>] |>>] |> 
    params.handshake.server=<TLSServerHello version=TLS_1_2 gmt_unix_time=1964528416 random_bytes='\xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X' session_id_length=0x20 session_id='\x93\xfd\x95\xbc\x1d68w\x19{8\x83dz\xb4\\r\x81\xb7&\xb5\x14\x1d\xfc<fR\x00\xe7\xd3{\x90' cipher_suite=ECDHE_RSA_WITH_AES_128_CBC_SHA256 compression_method=NULL extensions_length=0x9 extensions=[<TLSExtension type=application_layer_protocol_negotiation length=0x5 |<TLSExtALPN length=0x3 protocol_name_list=[<TLSALPNProtocol length=0x2 data='h2' |>] |>>] |> 
    params.negotiated.version=TLS_1_2 
    params.negotiated.ciphersuite=ECDHE_RSA_WITH_AES_128_CBC_SHA256 
    params.negotiated.key_exchange=ECDHE 
    params.negotiated.encryption=('AES', 16, 'CBC') 
    params.negotiated.mac=SHA256 
    params.negotiated.compression=NULL 
    crypto.client.enc=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13062d8> 
    crypto.client.dec=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13063b0> 
    crypto.server.enc=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d13063f8> 
    crypto.server.dec=<Crypto.Cipher.AES.AESCipher instance at 0x7f90d1306440> 
    crypto.client.rsa.privkey=None 
    crypto.client.rsa.pubkey=None 
    crypto.server.rsa.privkey=None 
    crypto.server.rsa.pubkey=<_RSAobj @0x7f90d13464d0 n(2048),e> 
    crypto.client.dsa.privkey=None 
    crypto.client.dsa.pubkey=None 
    crypto.server.dsa.privkey=None 
    crypto.server.dsa.pubkey=None 
    crypto.client.dh.x=None 
    crypto.client.dh.y_c=None 
    crypto.server.dh.p=None 
    crypto.server.dh.g=None 
    crypto.server.dh.x=None 
    crypto.server.dh.y_s=None 
    crypto.client.ecdh.curve_name=None 
    crypto.client.ecdh.priv='\x9d\xa1\xc1)\xc7g\xcf+\xc1U\xffd\x0f\xd13\xf3G0\xb3>\x83\x8b1V\xa19S\xac\xb4\xe8\x18_' 
    crypto.client.ecdh.pub=(55660150079706264549060731250077677621567952543805917063205824042726931277737, 96171213429541138775191303156783500559576917020503549099364694827291830154118) on "secp256r1" => y^2 = x^3 + 115792089210356248762697446949407573530086143415290314195533631308867097853948x + 41058363725152142129326129780047268409114441015993725554835256314039467401291 (mod 115792089210356248762697446949407573530086143415290314195533631308867097853951) 
    crypto.server.ecdh.curve_name='secp256r1' 
    crypto.server.ecdh.priv=None 
    crypto.server.ecdh.pub=(76018695469186964965485429908810690080098805676135269709416857701937687321241, 87933360945342485384088790667444373602059838780977372442846636781953482279729) on "secp256r1" => y^2 = x^3 + 115792089210356248762697446949407573530086143415290314195533631308867097853948x + 41058363725152142129326129780047268409114441015993725554835256314039467401291 (mod 115792089210356248762697446949407573530086143415290314195533631308867097853951) 
    crypto.session.encrypted_premaster_secret=None 
    crypto.session.premaster_secret='\x8e\xd6\xf6\xe0)\x03\x07pd\x15OvRT\xa7\x1f\x1d\xe0|k\x13\xaa\xc3\xf7_>\xa9X\x08\xe3\xaa\x98' 
    crypto.session.master_secret='\x02\x91N\x90\xcc\xe7\xda\\\xf7!\x82\x9e\xf374@p\x07\xdfJM\x98\xcen_78\x1e\xf8\xdfo`\xc4\xde\x82\x9dw\x1c\xcb\xcf\xa8>\xe0\xe2\xc7\xbc\x84F' 
    crypto.session.randombytes.client='X\xea!\xf6\xe7S\xd8\xa6\xb9\x97\xd1nt\x96\x0e|W\xe9\xe2\xf4\xb95/F=D5\xcbu\x02r\x00' 
    crypto.session.randombytes.server='u\x18S \xa5\x11\x11\x81\xc3V\x03Q\xdb>\x8b\x1d\x9e\x13\xa7\xfelT\x80\x97\xf5\x06.4\x18\xc8\x85X' 
    crypto.session.key.client.mac='\x9d\xd7~\x9e\xd8\x89\x9b\x19\x0fN\xcb\xf3\xe3H\x08\xdfj\xe3h\xdaZ,\x1d\x08\xf8\xa3<\xe0!\xeb=\x85' 
    crypto.session.key.client.encryption='\xe2Z\xdf\\/\x18~\xd2\xc2G\xe6\xc9\x916.}' 
    crypto.session.key.cllient.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' 
    crypto.session.key.server.mac='\x90\x83^ ]\x8d\xef\x06\xae\xed\x1an\xe2\x15\x9c4\xb8\x8d\xc4>g\xc4\xcdXU\xe7\xc3\xa9yvQ\x87' 
    crypto.session.key.server.encryption='\xaf\xb76E\xbe@\x1cj\xbc\xbas\xb8+\xa9\xaf\x0e' 
    crypto.session.key.server.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' 
    crypto.session.key.length.mac=32 
    crypto.session.key.length.encryption=16 
    crypto.session.key.length.iv=16 
> 

Answer 1

您沒有發出任何HTTP/2請求到服務器，所以你不能指望一個響應。

sock.sendall(to_raw(TLSPlaintext(data="PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"), sock.tls_ctx))

將只發送HTTP/2客戶端序言服務器，它是第一部分從客戶端用於啓動HTTP/2 連接。根據規範，你還必須發送HTTP/2設置幀（二進制形式）。在此之後，您可以發送一個HTTP/2請求，其中包含一個HPACK編碼的HEADERS幀並可能跟隨DATA幀。然後，服務器應該以響應的相關HEADERS和DATA幀作爲響應。在此之前，您還將收到SETTINGS服務器框架，並可能會收到SETTINGS確認您自己的設置。