mirror of
https://github.com/ValdikSS/GoodbyeDPI.git
synced 2024-12-22 14:26:08 +00:00
Switch to getopt() and slightly update fragmentation code
This commit is contained in:
parent
6b40623dce
commit
46af3c2edb
130
goodbyedpi.c
130
goodbyedpi.c
@ -80,13 +80,15 @@ static PVOID find_host_header(char *pktdata, int pktlen) {
|
|||||||
(char*)http_host_find, strlen(http_host_find));
|
(char*)http_host_find, strlen(http_host_find));
|
||||||
}
|
}
|
||||||
|
|
||||||
static void change_window_size(char *pkt) {
|
static void change_window_size(char *pkt, int size) {
|
||||||
*(pkt + IPV4_HDR_LEN + TCP_WINDOWSIZE_OFFSET) = 0x00;
|
*(uint16_t*)(pkt + IPV4_HDR_LEN + TCP_WINDOWSIZE_OFFSET) = htons(size);
|
||||||
*(pkt + IPV4_HDR_LEN + TCP_WINDOWSIZE_OFFSET + 1) = 0x02;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int main(int argc, char *argv[]) {
|
int main(int argc, char *argv[]) {
|
||||||
|
static const char fragment_size_message[] =
|
||||||
|
"Fragment size should be in range [0 - 65535]\n";
|
||||||
int i, should_reinject = 0;
|
int i, should_reinject = 0;
|
||||||
|
int opt;
|
||||||
HANDLE w_filter = NULL;
|
HANDLE w_filter = NULL;
|
||||||
WINDIVERT_ADDRESS addr;
|
WINDIVERT_ADDRESS addr;
|
||||||
char packet[MAX_PACKET_SIZE];
|
char packet[MAX_PACKET_SIZE];
|
||||||
@ -96,35 +98,83 @@ int main(int argc, char *argv[]) {
|
|||||||
PWINDIVERT_IPHDR ppIpHdr;
|
PWINDIVERT_IPHDR ppIpHdr;
|
||||||
PWINDIVERT_TCPHDR ppTcpHdr;
|
PWINDIVERT_TCPHDR ppTcpHdr;
|
||||||
|
|
||||||
int do_passivedpi, do_fragment, do_host, do_host_removespace;
|
int do_passivedpi = 0, do_fragment_http = 0,
|
||||||
int temp;
|
do_fragment_https = 0, do_host = 0,
|
||||||
char *data_addr, *data_addr_rn, *host_addr = NULL;
|
do_host_removespace = 0;
|
||||||
|
int http_fragment_size = 2;
|
||||||
|
int https_fragment_size = 2;
|
||||||
|
char *data_addr, *data_addr_rn, *host_addr;
|
||||||
int host_len, fromhost_uptoend_len;
|
int host_len, fromhost_uptoend_len;
|
||||||
|
|
||||||
printf("GoodbyeDPI: Passive DPI blocker and Active DPI circumvention utility\n\n");
|
printf("GoodbyeDPI: Passive DPI blocker and Active DPI circumvention utility\n");
|
||||||
|
|
||||||
if (argc == 2) {
|
if (argc == 1) {
|
||||||
temp = atoi(argv[1]);
|
/* enable mode -1 by default */
|
||||||
do_passivedpi = !!(temp & 1);
|
do_passivedpi = do_host = do_host_removespace \
|
||||||
do_fragment = !!(temp & 2);
|
= do_fragment_http = do_fragment_https = 1;
|
||||||
do_host = !!(temp & 4);
|
|
||||||
do_host_removespace = !!(temp & 8);
|
|
||||||
|
|
||||||
printf("Block passive: %d, Fragment: %d, hoSt: %d, Host no space: %d\n",
|
|
||||||
do_passivedpi, do_fragment, do_host, do_host_removespace);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
printf("goodbyedpi.exe [1: block passive DPI, 2: fragment outbound, "
|
|
||||||
"4: replace Host with hoSt, 8: remove space between host header and value]\n");
|
|
||||||
printf("Default: 15 (all enabled)\n");
|
|
||||||
|
|
||||||
do_passivedpi = 1;
|
|
||||||
do_fragment = 1;
|
|
||||||
do_host = 1;
|
|
||||||
do_host_removespace = 1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("Opening filter\n");
|
while ((opt = getopt(argc, argv, "123prsf:e:")) != -1) {
|
||||||
|
switch (opt) {
|
||||||
|
case '1':
|
||||||
|
do_passivedpi = do_host = do_host_removespace \
|
||||||
|
= do_fragment_http = do_fragment_https = 1;
|
||||||
|
break;
|
||||||
|
case '2':
|
||||||
|
do_passivedpi = do_host = do_host_removespace \
|
||||||
|
= do_fragment_http = do_fragment_https = 1;
|
||||||
|
https_fragment_size = 40;
|
||||||
|
break;
|
||||||
|
case '3':
|
||||||
|
do_passivedpi = do_host = do_host_removespace = 1;
|
||||||
|
break;
|
||||||
|
case 'p':
|
||||||
|
do_passivedpi = 1;
|
||||||
|
break;
|
||||||
|
case 'r':
|
||||||
|
do_host = 1;
|
||||||
|
break;
|
||||||
|
case 's':
|
||||||
|
do_host_removespace = 1;
|
||||||
|
break;
|
||||||
|
case 'f':
|
||||||
|
do_fragment_http = 1;
|
||||||
|
http_fragment_size = atoi(optarg);
|
||||||
|
if (http_fragment_size <= 0 || http_fragment_size > 65535) {
|
||||||
|
printf(fragment_size_message);
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'e':
|
||||||
|
do_fragment_https = 1;
|
||||||
|
https_fragment_size = atoi(optarg);
|
||||||
|
if (https_fragment_size <= 0 || https_fragment_size > 65535) {
|
||||||
|
printf(fragment_size_message);
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
printf("Usage: goodbyedpi.exe [OPTION...]\n"
|
||||||
|
" -p block passive DPI\n"
|
||||||
|
" -r replace Host with hoSt\n"
|
||||||
|
" -s remove space between host header and its value\n"
|
||||||
|
" -f [value] set HTTP fragmentation to value\n"
|
||||||
|
" -e [value] set HTTPS fragmentation to value\n"
|
||||||
|
"\n"
|
||||||
|
" -1 enables all options, -f 2 -e 2 (most compatible mode, default)\n"
|
||||||
|
" -2 enables all options, -f 2 -e 40 (better speed yet still compatible)\n"
|
||||||
|
" -3 all options except fragmentation (best speed)\n");
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
printf("Block passive: %d, Fragment HTTP: %d, Fragment HTTPS: %d, "
|
||||||
|
"hoSt: %d, Host no space: %d\n",
|
||||||
|
do_passivedpi, (do_fragment_http ? http_fragment_size : 0),
|
||||||
|
(do_fragment_https ? https_fragment_size : 0),
|
||||||
|
do_host, do_host_removespace);
|
||||||
|
|
||||||
|
printf("\nOpening filter\n");
|
||||||
filter_num = 0;
|
filter_num = 0;
|
||||||
|
|
||||||
if (do_passivedpi) {
|
if (do_passivedpi) {
|
||||||
@ -178,10 +228,10 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
/* Handle OUTBOUND packet, search for Host header */
|
/* Handle OUTBOUND packet, search for Host header */
|
||||||
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND &&
|
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND &&
|
||||||
packet_dataLen > 16 && ppTcpHdr->DstPort == htons(80)) {
|
packet_dataLen > 16 && ppTcpHdr->DstPort == htons(80) &&
|
||||||
if (do_host || do_host_removespace) {
|
(do_host || do_host_removespace)) {
|
||||||
data_addr = find_host_header(packet_data, packet_dataLen);
|
|
||||||
}
|
data_addr = find_host_header(packet_data, packet_dataLen);
|
||||||
|
|
||||||
if (do_host && data_addr) {
|
if (do_host && data_addr) {
|
||||||
/* Replace "Host: " with "hoSt: " */
|
/* Replace "Host: " with "hoSt: " */
|
||||||
@ -192,12 +242,12 @@ int main(int argc, char *argv[]) {
|
|||||||
if (do_host_removespace && data_addr) {
|
if (do_host_removespace && data_addr) {
|
||||||
host_addr = data_addr + strlen(http_host_find);
|
host_addr = data_addr + strlen(http_host_find);
|
||||||
|
|
||||||
|
fromhost_uptoend_len = packet_dataLen - ((PVOID)host_addr - packet_data);
|
||||||
data_addr_rn = dumb_memmem(host_addr,
|
data_addr_rn = dumb_memmem(host_addr,
|
||||||
packet_dataLen - ((PVOID)host_addr - packet_data),
|
fromhost_uptoend_len,
|
||||||
"\r\n", 2);
|
"\r\n", 2);
|
||||||
if (data_addr_rn) {
|
if (data_addr_rn) {
|
||||||
host_len = data_addr_rn - host_addr;
|
host_len = data_addr_rn - host_addr;
|
||||||
fromhost_uptoend_len = packet_dataLen - ((PVOID)host_addr - packet_data);
|
|
||||||
if (host_len <= 64) {
|
if (host_len <= 64) {
|
||||||
/* Move memory left by 1 byte and reduce packet size for 1 byte */
|
/* Move memory left by 1 byte and reduce packet size for 1 byte */
|
||||||
memmove(host_addr - 1, host_addr, fromhost_uptoend_len);
|
memmove(host_addr - 1, host_addr, fromhost_uptoend_len);
|
||||||
@ -210,9 +260,7 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (do_host || do_host_removespace) {
|
WinDivertHelperCalcChecksums(packet, packetLen, 0);
|
||||||
WinDivertHelperCalcChecksums(packet, packetLen, 0);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Else if we got TCP packet without data */
|
/* Else if we got TCP packet without data */
|
||||||
@ -221,9 +269,13 @@ int main(int argc, char *argv[]) {
|
|||||||
/* If we got SYN+ACK packet */
|
/* If we got SYN+ACK packet */
|
||||||
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND &&
|
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND &&
|
||||||
ppTcpHdr->Syn == 1) {
|
ppTcpHdr->Syn == 1) {
|
||||||
if (do_fragment) {
|
//printf("Changing Window Size!\n");
|
||||||
//printf("Changing Window Size!\n");
|
if (do_fragment_http && ppTcpHdr->DstPort == htons(80)) {
|
||||||
change_window_size(packet);
|
change_window_size(packet, http_fragment_size);
|
||||||
|
WinDivertHelperCalcChecksums(packet, packetLen, 0);
|
||||||
|
}
|
||||||
|
else if (do_fragment_https && ppTcpHdr->DstPort != htons(80)) {
|
||||||
|
change_window_size(packet, https_fragment_size);
|
||||||
WinDivertHelperCalcChecksums(packet, packetLen, 0);
|
WinDivertHelperCalcChecksums(packet, packetLen, 0);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user