Haka can analyze states of a network protocol with its state machine. A state machine is defined as a set of states and a set of transition functions between these states. This post will present a part of the SSL state machine we used in the previous blog post to detect heartbleed.
In a previous post, we defined security rules on SSL protocol in order to block heartbleed attack. This post will present a v0.2 feature: the grammar used to specify the SSL protocol. Our grammar can parse binary-based as well as text-based protocols.
This post will focus on the dissection of the ClientHello handshake.