mirrors/byedpi
1
0
Fork 0
mirror of https://github.com/hufrea/byedpi.git synced 2024-12-22 14:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'hufrea:main' into main

Browse Source
This commit is contained in:
Viktor45 2024-10-19 18:28:36 +03:00 committed by GitHub
commit 23f7cbbd75
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 145 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

161
desync.c
View File

@ -32,35 +32,15 @@
#include "error.h"
int get_family(struct sockaddr *dst)
int setttl(int fd, int ttl)
{
#ifndef __NetBSD__
if (dst->sa_family == AF_INET6) {
struct sockaddr_in6 *d6 = (struct sockaddr_in6 *)dst;
static char *pat = "\0\0\0\0\0\0\0\0\0\0\xff\xff";
int ret6 = setsockopt(fd, IPPROTO_IPV6,
IPV6_UNICAST_HOPS, (char *)&ttl, sizeof(ttl));
int ret4 = setsockopt(fd, IPPROTO_IP,
IP_TTL, (char *)&ttl, sizeof(ttl));
if (!memcmp(&d6->sin6_addr, pat, 12)) {
return AF_INET;
}
}
#endif
return dst->sa_family;
}
int setttl(int fd, int ttl, int family) {
int _ttl = ttl;
if (family == AF_INET) {
if (setsockopt(fd, IPPROTO_IP,
IP_TTL, (char *)&_ttl, sizeof(_ttl)) < 0) {
uniperror("setsockopt IP_TTL");
return -1;
}
}
else if (setsockopt(fd, IPPROTO_IPV6,
IPV6_UNICAST_HOPS, (char *)&_ttl, sizeof(_ttl)) < 0) {
uniperror("setsockopt IPV6_UNICAST_HOPS");
if (ret4 && ret6) {
uniperror("setttl");
return -1;
}
return 0;
@ -143,7 +123,7 @@ void wait_send(int sfd)
#ifdef __linux__
ssize_t send_fake(int sfd, char *buffer,
int cnt, long pos, int fa, struct desync_params *opt)
int cnt, long pos, struct desync_params *opt)
{
struct sockaddr_in6 addr = {};
socklen_t addr_size = sizeof(addr);
@ -185,7 +165,7 @@ ssize_t send_fake(int sfd, char *buffer,
}
memcpy(p, pkt.data, pkt.size < pos ? pkt.size : pos);
if (setttl(sfd, opt->ttl ? opt->ttl : 8, fa) < 0) {
if (setttl(sfd, opt->ttl ? opt->ttl : 8) < 0) {
break;
}
if (opt->md5sig) {
@ -200,11 +180,11 @@ ssize_t send_fake(int sfd, char *buffer,
break;
}
}
if (opt->ip_options && fa == AF_INET
if (opt->ip_options
&& setsockopt(sfd, IPPROTO_IP, IP_OPTIONS,
opt->ip_options, opt->ip_options_len) < 0) {
uniperror("setsockopt IP_OPTIONS");
break;
//break;
}
struct iovec vec = { .iov_base = p, .iov_len = pos };
@ -221,14 +201,14 @@ ssize_t send_fake(int sfd, char *buffer,
wait_send(sfd);
memcpy(p, buffer, pos);
if (setttl(sfd, params.def_ttl, fa) < 0) {
if (setttl(sfd, params.def_ttl) < 0) {
break;
}
if (opt->ip_options && fa == AF_INET
if (opt->ip_options
&& setsockopt(sfd, IPPROTO_IP,
IP_OPTIONS, opt->ip_options, 0) < 0) {
uniperror("setsockopt IP_OPTIONS");
break;
//break;
}
if (opt->md5sig) {
struct tcp_md5sig md5 = {
@ -255,7 +235,7 @@ ssize_t send_fake(int sfd, char *buffer,
OVERLAPPED ov = {};
ssize_t send_fake(int sfd, char *buffer,
int cnt, long pos, int fa, struct desync_params *opt)
int cnt, long pos, struct desync_params *opt)
{
struct packet pkt;
if (opt->fake_data.data) {
@ -318,7 +298,7 @@ ssize_t send_fake(int sfd, char *buffer,
uniperror("SetFilePointer");
break;
}
if (setttl(sfd, opt->ttl ? opt->ttl : 8, fa) < 0) {
if (setttl(sfd, opt->ttl ? opt->ttl : 8) < 0) {
break;
}
if (!TransmitFile(sfd, hfile, pos, pos, &ov,
@ -339,7 +319,7 @@ ssize_t send_fake(int sfd, char *buffer,
uniperror("WriteFile");
break;
}
if (setttl(sfd, params.def_ttl, fa) < 0) {
if (setttl(sfd, params.def_ttl) < 0) {
break;
}
len = pos;
@ -378,11 +358,11 @@ ssize_t send_oob(int sfd, char *buffer,
ssize_t send_disorder(int sfd,
char *buffer, long pos, int fa)
char *buffer, long pos)
{
int bttl = 1;
if (setttl(sfd, bttl, fa) < 0) {
if (setttl(sfd, bttl) < 0) {
return -1;
}
ssize_t len = send(sfd, buffer, pos, 0);
@ -391,7 +371,7 @@ ssize_t send_disorder(int sfd,
}
else wait_send_if_support(sfd);
if (setttl(sfd, params.def_ttl, fa) < 0) {
if (setttl(sfd, params.def_ttl) < 0) {
return -1;
}
return len;
@ -399,32 +379,61 @@ ssize_t send_disorder(int sfd,
ssize_t send_late_oob(int sfd, char *buffer,
ssize_t n, long pos, int fa, char *c)
ssize_t n, long pos, char *c)
{
int bttl = 1;
if (setttl(sfd, bttl, fa) < 0) {
if (setttl(sfd, bttl) < 0) {
return -1;
}
ssize_t len = send_oob(sfd, buffer, n, pos, c);
if (len < 0) {
uniperror("send");
}
if (setttl(sfd, params.def_ttl, fa) < 0) {
if (setttl(sfd, params.def_ttl) < 0) {
return -1;
}
return len;
}
static long gen_offset(long pos, int flag,
ssize_t n, long lp, int type, int hp, int len)
{
if (flag & (OFFSET_SNI | OFFSET_HOST)) {
if (!hp || ((flag & OFFSET_SNI) && type != IS_HTTPS)) {
return -1;
}
pos += hp;
if (flag & OFFSET_END)
pos += len;
else if (flag & OFFSET_MID)
pos += (len / 2);
else if (flag & OFFSET_RAND)
pos += (rand() % len);
}
else if (flag & OFFSET_RAND) {
pos += lp + (rand() % (n - lp));
}
else if (flag & OFFSET_MID) {
pos += (n / 2);
}
else if (pos < 0 || (flag & OFFSET_END)) {
pos += n;
}
return pos;
}
ssize_t desync(int sfd, char *buffer, size_t bfsize,
ssize_t n, ssize_t offset, struct sockaddr *dst, int dp_c)
{
struct desync_params dp = params.dp[dp_c];
char *host = 0;
int len = 0, type = 0;
int fa = get_family(dst);
int len = 0, type = 0, host_pos = 0;
// parse packet
if ((len = parse_tls(buffer, n, &host))) {
type = IS_HTTPS;
@ -435,7 +444,9 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
if (len && host) {
LOG(LOG_S, "host: %.*s (%zd)\n",
len, host, host - buffer);
host_pos = host - buffer;
}
// modify packet
if (type == IS_HTTP && dp.mod_http) {
LOG(LOG_S, "modify HTTP: n=%zd\n", n);
@ -446,16 +457,19 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
}
else if (type == IS_HTTPS && dp.tlsrec_n) {
long lp = 0;
for (int i = 0; i < dp.tlsrec_n; i++) {
struct part part = dp.tlsrec[i];
struct part part;
int i = 0, r = 0, rc = 0;
long pos = part.pos + i * 5;
if (part.flag == OFFSET_SNI) {
pos += (host - buffer - 5);
}
else if (pos < 0) {
pos += n;
for (; r > 0 || i < dp.tlsrec_n; rc++, r--) {
if (r <= 0) {
part = dp.tlsrec[i];
r = part.r; i++;
}
long pos = rc * 5;
pos += gen_offset(part.pos,
part.flag, n - pos - 5, lp, type, host_pos - 5, len);
pos += part.s * (part.r - r);
if (pos < lp) {
LOG(LOG_E, "tlsrec cancel: %ld < %ld\n", pos, lp);
break;
@ -477,27 +491,19 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
}
#endif
long lp = offset;
struct part part;
int i = 0, r = 0;
for (int i = 0; i < dp.parts_n; i++) {
struct part part = dp.parts[i];
for (; r > 0 || i < dp.parts_n; r--) {
if (r <= 0) {
part = dp.parts[i];
r = part.r; i++;
}
long pos = gen_offset(part.pos,
part.flag, n, lp, type, host_pos, len);
pos += part.s * (part.r - r);
// change pos
long pos = part.pos;
if (part.flag == OFFSET_SNI) {
if (type != IS_HTTPS)
continue;
else
pos += (host - buffer);
}
else if (part.flag == OFFSET_HOST) {
if (type != IS_HTTP)
continue;
else
pos += (host - buffer);
}
else if (pos < 0 || part.flag == OFFSET_END) {
pos += n;
}
// after EAGAIN
if (offset && pos <= offset) {
continue;
@ -512,12 +518,12 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
#ifdef FAKE_SUPPORT
case DESYNC_FAKE:
if (pos != lp) s = send_fake(sfd,
buffer + lp, type, pos - lp, fa, &dp);
buffer + lp, type, pos - lp, &dp);
break;
#endif
case DESYNC_DISORDER:
s = send_disorder(sfd,
buffer + lp, pos - lp, fa);
buffer + lp, pos - lp);
break;
case DESYNC_OOB:
@ -527,7 +533,7 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
case DESYNC_DISOOB:
s = send_late_oob(sfd,
buffer + lp, n - lp, pos - lp, fa, dp.oob_char);
buffer + lp, n - lp, pos - lp, dp.oob_char);
break;
case DESYNC_SPLIT:
@ -589,7 +595,6 @@ ssize_t desync_udp(int sfd, char *buffer, size_t bfsize,
ssize_t n, struct sockaddr *dst, int dp_c)
{
struct desync_params *dp = &params.dp[dp_c];
int fa = get_family(dst);
if (dp->udp_fake_count != 0) {
struct packet pkt;
@ -607,7 +612,7 @@ ssize_t desync_udp(int sfd, char *buffer, size_t bfsize,
else pkt.size = 0;
}
int bttl = dp->ttl ? dp->ttl : 8;
if (setttl(sfd, bttl, fa) < 0) {
if (setttl(sfd, bttl) < 0) {
return -1;
}
for (int i = 0; i < dp->udp_fake_count; i++) {
@ -618,7 +623,7 @@ ssize_t desync_udp(int sfd, char *buffer, size_t bfsize,
return -1;
}
}
if (setttl(sfd, params.def_ttl, fa) < 0) {
if (setttl(sfd, params.def_ttl) < 0) {
return -1;
}
}

4
desync.h
View File

@ -14,9 +14,7 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize, ssize_t n, ssize_t offset,
ssize_t desync_udp(int sfd, char *buffer, size_t bfsize, ssize_t n, struct sockaddr *dst, int dp_c);
int get_family(struct sockaddr *dst);
int setttl(int fd, int ttl, int family);
int setttl(int fd, int ttl);
int post_desync(int sfd, int dp_c);

2
extend.c
View File

@ -140,7 +140,7 @@ int connect_hook(struct poolhd *pool, struct eval *val,
int socket_mod(int fd, struct sockaddr *dst)
{
if (params.custom_ttl) {
if (setttl(fd, params.def_ttl, get_family(dst)) < 0) {
if (setttl(fd, params.def_ttl) < 0) {
return -1;
}
}

54
main.c
View File

@ -86,14 +86,14 @@ const char help_text[] = {
" -K, --proto <t,h,u> Protocol whitelist: tls,http,udp\n"
" -H, --hosts <file|:str> Hosts whitelist, filename or :string\n"
" -V, --pf <port[-portr]> Ports range whitelist\n"
" -s, --split <n[+s]> Split packet at n\n"
" +s - add SNI offset\n"
" +h - add HTTP Host offset\n"
" -d, --disorder <n[+s]> Split and send reverse order\n"
" -o, --oob <n[+s]> Split and send as OOB data\n"
" -q, --disoob <n[+s]> Split and send reverse order as OOB data\n"
" -s, --split <pos_t> Position format: offset[:repeats:skip][+flag1[flag2]]\n"
" Flags: +s - SNI offset, +h - HTTP host offset\n"
" Additional flags: +e - end, +m - middle, +r - random\n"
" -d, --disorder <pos_t> Split and send reverse order\n"
" -o, --oob <pos_t> Split and send as OOB data\n"
" -q, --disoob <pos_t> Split and send reverse order as OOB data\n"
#ifdef FAKE_SUPPORT
" -f, --fake <n[+s]> Split and send fake packet\n"
" -f, --fake <pos_t> Split and send fake packet\n"
" -t, --ttl <num> TTL of fake packets, default 8\n"
#ifdef __linux__
" -k, --ip-opt[=f|:str] IP options of fake packets\n"
@ -105,7 +105,7 @@ const char help_text[] = {
#endif
" -e, --oob-data <char> Set custom OOB data\n"
" -M, --mod-http <h,d,r> Modify HTTP: hcsmix,dcsmix,rmspace\n"
" -r, --tlsrec <n[+s]> Make TLS record at position\n"
" -r, --tlsrec <pos_t> Make TLS record at position\n"
" -a, --udp-fake <count> UDP fakes count, default 0\n"
#ifdef __linux__
" -Y, --drop-sack Drop packets with SACK extension\n"
@ -376,21 +376,50 @@ int parse_offset(struct part *part, const char *str)
{
char *end = 0;
long val = strtol(str, &end, 0);
if (*end == '+') switch (*(end + 1)) {
while (*end == ':') {
long rs = strtol(end + 1, &end, 0);
if (rs < 0 || rs > INT_MAX) {
return -1;
}
if (!part->r) {
if (!rs)
return -1;
part->r = rs;
}
else {
part->s = rs;
break;
}
}
if (*end == '+') {
switch (*(end + 1)) {
case 's':
part->flag = OFFSET_SNI;
break;
case 'h':
part->flag = OFFSET_HOST;
break;
case 'e':
case 'e': //
part->flag = OFFSET_END;
break;
case 'n':
break;
default:
return -1;
}
else if (*end) {
return -1;
switch (*(end + 2)) {
case 'e':
part->flag |= OFFSET_END;
break;
case 'm':
part->flag |= OFFSET_MID;
break;
case 'r':
part->flag |= OFFSET_RAND;
break;
case 's':;
}
}
part->pos = val;
return 0;
@ -908,6 +937,7 @@ int main(int argc, char **argv)
clear_params();
return -1;
}
srand((unsigned int)time(0));
int status = run((struct sockaddr_ina *)&params.laddr);
clear_params();

9
params.h
View File

@ -21,9 +21,11 @@
#define TIMEOUT_SUPPORT 1
#endif
#define OFFSET_SNI 1
#define OFFSET_HOST 2
#define OFFSET_END 3
#define OFFSET_END 1
#define OFFSET_MID 2
#define OFFSET_RAND 4
#define OFFSET_SNI 8
#define OFFSET_HOST 16
#define DETECT_HTTP_LOCAT 1
#define DETECT_TLS_ERR 2
@ -53,6 +55,7 @@ struct part {
int m;
int flag;
long pos;
int r, s;
};
struct packet {