Skip to content

TLS-Attacker 3.8.0
Compare
Choose a tag to compare
@mmaehren mmaehren released this 08 Jun 20:49
3.8.0
74c7dd7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Added new Smart Chooser Classes for smarter record size limits
Added TLS-Attacker proxy module prototype, which allows to use TLS-Attacker as SslSockets
Fixed a ClassCastException in the CertificateStatusParser
Removed the Attacks module. Scanning capabilities were move to https://github.com/tls-attacker/TLS-Scanner while exploits are currently reworked to be more user friendly within their own module
Fixed a Bug which caused TLS-Attacker to be unable to parse incoming records with more than ~127 bytes of padding in CBC mode
Fixed Timing Attacks TransportHandler.
Introduced overwriteable Callbacks before and after handshake execution
Introduced FFDH Named Groups
Better SessionID / SessionTicket support
TLS-Attacker is now running on Java 11
More control over DTLS fragment layer in workflowTrace
Better handling of DTLS retransmissions
TLS-Attacker can now also send DTLS retransmissions
Custom TLS PRF implementation (no longer relying on BC)
Introduced new "IGNORE_UNEXPECTED_KEY_UPDATE_MESSAGES" and "IGNORE_UNEXPECTED_APP_DATA" Action options
Introduced new actions: ChangeReadEpoch, ChangeReadSequenceNumber, ChangeWriteEpoch, ChangeWriteSequenceNumber, SendMessagesFromLastFlight and SendRecordsFromLastFlight
Introduced KeyUpdates for TLS 1.3
Removed TLS 1.3 draft code
Deleted Forensic Module
Fixed a bug which caused invalid nonces for ChachaPoly in DTLS
Added warnings when workflowtraces are loaded (manually) but they still contain "originalValues" from previous executions
Introduced RSA-SKE message (RSA-Export)
Fixed Illegal Reflective Access Bug (PseudoRandomFunction)
Reworked certificate generation scripts
Minor fixes and code improvements

Assets 2
Loading