Andreaierardi/MMS-protocol-attacks

List of cyber attacks on client and server MMS: Man-in-the-middle; Denial of Service; Packet Filtering, Downgrade attack

Manufacturing Message Specification (MMS) protocol attacks

Aim of the project

List of cybersecurity attacks on client and server MMS under TLS. I realised these attacks during my intership in the university in collaboration with Ricerca sul Sistema Energetico(RSE spa).

Technologies

Docker and containers

Transport Layer Security(TLS)

Manufacturing Message Specification(MMS) protocol

Experimentation

Search for vulnerabilities in the TLS protocol and main cipher suites

Search for security attacks

Search for tools

Run the attacks

Developed attacks

Passive Man-in-the-middle

Denial of service

Packet filtering

Downgrade

Run attacks

Run Client and Server

Terminal1 ./serverexec
Terminal2 ./clientexec
Terminal1 ./start
Terminal2 ./start [SERVER_IP] (Example : ./start 172.17.0.3 )

Passive Man in the Middle

Run client and server first!

Terminal3 (arp) ./arp
Terminal4 (tcpdump) ./tcpdump
Terminal3 (arp) ./start [SERVER_IP] [CLIENT_IP] (Example : ./start 172.17.0.3 172.17.0.2 )
Terminal4 (tcpdump) ./start
Terminal1 ./start

WebSocket Denial of Service

Run client and server first!

Terminal3 (dos) ./dosattack
Terminal3 (dos) ./start [IP_SERVER]
Terminal1 ./start

Packet Filtering

Run client and server first!

Terminal3 (packetfilter) ./packetfilter
Terminal4 (arp) ./arp
Terminal4 (arp) ./start [IP_SERVER] [IP_CLIENT]

Then run one of these two scripts:
• Terminal3(packetfilter) ./start_inject
• Terminal3 (packetfilter) ./start_pending