mirror of
https://github.com/xvzc/SpoofDPI.git
synced 2024-12-22 22:36:53 +00:00
update readme
This commit is contained in:
parent
a2f91f2e95
commit
caf2ede24c
@ -41,7 +41,7 @@ Usage: spoof-dpi [options...]
|
||||
Since most of websites in the world now support HTTPS, SpoofDPI doesn't bypass Deep Packet Inspections for HTTP requets, However It still serves proxy connection for all HTTP requests.
|
||||
|
||||
### HTTPS
|
||||
TLS 1.3 encrypts every handshake process, the domain names are still shown as plaintext in the Client hello packet.
|
||||
Although TLS 1.3 encrypts every handshake process, the domain names are still shown as plaintext in the Client hello packet.
|
||||
In other words, when someone else looks on the packet, they can easily guess where the packet is headed to.
|
||||
The domain name can offer a significant information while DPI is being processed, And we can actually see that the connection is blocked right after sending Client hello packet.
|
||||
I had tried some ways to bypass this, and found out that it seemed like only the first chunk gets inspected when we send the Client hello packet splited in chunks.
|
||||
|
Loading…
Reference in New Issue
Block a user