|
|
|
|
|
|
by vbezhenar
1048 days ago
|
|
|
https://www.wireguard.com/protocol/ The initiator sends this message: msg = handshake_initiation {
u8 message_type
u8 reserved_zero[3]
u32 sender_index
u8 unencrypted_ephemeral[32]
u8 encrypted_static[AEAD_LEN(32)]
u8 encrypted_timestamp[AEAD_LEN(12)]
u8 mac1[16]
u8 mac2[16]
}
msg.message_type = 1
msg.reserved_zero = { 0, 0, 0 }
Seems like this is trivially detected. Just watch for first UDP packet with 01-00-00-00 bytes in the payload. |
|
|