Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

QUICk - a go library based on gopacket for analyzing QUIC CHLO messages

License

NotificationsYou must be signed in to change notification settings

0x4D31/quick

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

a go library based ongopacket for analyzing QUIC ClientHello (CHLO) messages.

What is QUIC?

Usage

There is a simple QUIC sniffer inexample directory. An improved version will be added to the repo soon.

cd example/go build quick_sniffer.go./quick_sniffer -i en0

Example Output

2019/05/11 05:42:10 192.168.1.9:58556 -> 172.217.25.174:443(https) [QUIC]  SNI: www.youtube.comPublic Flags: dCID: e4fca1c8ad38dc14Version: Q043Packet Number: 3Message Authentication Hash: 0db44cd94bb3ad0afd57126eFrame Type: a0Stream ID: 1Data Length: 1024Tag: CHLOTag Number: 25SNI: "www.youtube.com"UAID: "Chrome/74.0.3729.131 Intel Mac OS X 10_14_4"Tags in Order: ["PAD" "SNI" "STK" "VER" "CCS" "NONC" "AEAD" "UAID" "SCID" "TCID" "PDMD" "SMHL" "ICSL" "NONP" "PUBS" "MIDS" "SCLS" "KEXS" "XLCT" "CSCT" "COPT" "CCRT" "IRTT" "CFCW" "SFCW"]Tag Values: map[AEAD:AESG CCRT:2237aaad1bebaa6c67f8adc58015e3ff CCS:01e8816092921ae87eed8086a2158291 CFCW:0000f000 COPT:NSTP CSCT: ICSL:1e000000 IRTT:40440000 KEXS:C255 MIDS:64000000 NONC:5cd5d4123030303030303030e9c59effcecd21da531a5084a5333242335e8494 NONP:7d6f3ecd3b19182dc50916bbf73520fb7b8e679003806739f3aaba383fcac3bd PDMD:X509 PUBS:e8b53d02466ad7ee37c92c5c55144a7b399d5689e50683a4e7542da36ed36912 SCID:8fffefdd83ec8a46169e93b0e332dd4b SCLS:01000000 SFCW:00006000 SMHL:01000000 SNI:www.youtube.com STK:a31c12b6480c17f4b87695dacd6ce7c359509e6b40a1d2b353fe72ebb06e19f6725c557e6e1dc66e714f97b4e5a596dda9994578393c TCID:00000000 UAID:Chrome/74.0.3729.131 Intel Mac OS X 10_14_4 VER:Q043 XLCT:2237aaad1bebaa6c]2019/05/11 05:42:12 192.168.1.9:58053 -> 216.58.200.99:443(https) [QUIC]  SNI: fonts.gstatic.comPublic Flags: dCID: 17f255ae6f55b260Version: Q043Packet Number: 1Message Authentication Hash: 4247258b9146098152ff3d82Frame Type: a0Stream ID: 1Data Length: 1024Tag: CHLOTag Number: 25SNI: "fonts.gstatic.com"UAID: "Chrome/74.0.3729.131 Intel Mac OS X 10_14_4"Tags in Order: ["PAD" "SNI" "STK" "VER" "CCS" "NONC" "AEAD" "UAID" "SCID" "TCID" "PDMD" "SMHL" "ICSL" "NONP" "PUBS" "MIDS" "SCLS" "KEXS" "XLCT" "CSCT" "COPT" "CCRT" "IRTT" "CFCW" "SFCW"]Tag Values: map[AEAD:AESG CCRT:2237aaad1bebaa6c67f8adc58015e3ff CCS:01e8816092921ae87eed8086a2158291 CFCW:0000f000 COPT:NSTP CSCT: ICSL:1e000000 IRTT:c2840000 KEXS:C255 MIDS:64000000 NONC:5cd5d41430303030303030307921451c2d12865a234c05726f7dc38069a9741c NONP:5eceff43869fbe6b291c0e5852927dcb5d3df75e21d32d21b4a2dc61e09ae46d PDMD:X509 PUBS:c4c035f104b45a5f7cc585220e41633f44afe4cf2c47ad4835381dee5933b040 SCID:8fffefdd83ec8a46169e93b0e332dd4b SCLS:01000000 SFCW:00006000 SMHL:01000000 SNI:fonts.gstatic.com STK:1ab50b5e10de678cd5f48357c84cfb6510178fd0a62744dda0532e9dcb5f0b199024316d44d7443b704b191e3339561b90ea4d1a471a TCID:00000000 UAID:Chrome/74.0.3729.131 Intel Mac OS X 10_14_4 VER:Q043 XLCT:2237aaad1bebaa6c]

TODO

  • Add support for IETF QUIC
  • Add support for gQUIC v46+
  • Add the analysis and collected data to the repo

About

QUICk - a go library based on gopacket for analyzing QUIC CHLO messages

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

[8]ページ先頭
©2009-2025 Movatter.jp