From 2f98038991f6214ddc7d2c26b1ab8dfbfd45ef1c Mon Sep 17 00:00:00 2001 From: ruti <> Date: Tue, 6 Aug 2024 19:11:01 +0300 Subject: [PATCH] fake-offset, oob2 --- desync.c | 49 +++++++++++++++++++++++++++++++++++++++++++++---- main.c | 18 ++++++++++++++++++ params.h | 4 ++++ 3 files changed, 67 insertions(+), 4 deletions(-) diff --git a/desync.c b/desync.c index 781c60b..b46f137 100644 --- a/desync.c +++ b/desync.c @@ -139,7 +139,14 @@ ssize_t send_fake(int sfd, char *buffer, else { pkt = cnt != IS_HTTP ? fake_tls : fake_http; } - size_t psz = pkt.size; + if (opt->fake_offset) { + if (pkt.size > opt->fake_offset) { + pkt.size -= opt->fake_offset; + pkt.data += opt->fake_offset; + } + else pkt.size = 0; + } + #ifdef __linux__ int ffd = memfd_create("name", 0); if (ffd < 0) { @@ -161,7 +168,7 @@ ssize_t send_fake(int sfd, char *buffer, p = 0; break; } - memcpy(p, pkt.data, psz < pos ? psz : pos); + memcpy(p, pkt.data, pkt.size < pos ? pkt.size : pos); if (setttl(sfd, opt->ttl ? opt->ttl : 8, fa) < 0) { break; @@ -240,6 +247,13 @@ ssize_t send_fake(int sfd, char *buffer, pkt = cnt != IS_HTTP ? fake_tls : fake_http; } size_t psz = pkt.size; + if (opt->fake_offset) { + if (psz > opt->fake_offset) { + psz -= opt->fake_offset; + pkt.data += opt->fake_offset; + } + else psz = 0; + } char path[MAX_PATH], temp[MAX_PATH + 1]; int ps = GetTempPath(sizeof(temp), temp); @@ -382,6 +396,27 @@ ssize_t send_disorder(int sfd, } +ssize_t send_late_oob(int sfd, char *buffer, + ssize_t n, long pos, int fa) +{ + int bttl = 1; + + if (setttl(sfd, bttl, fa) < 0) { + return -1; + } + ssize_t len = send_oob(sfd, buffer, n, pos); + if (len < 0) { + uniperror("send"); + } + wait_send_if_support(sfd); + + if (setttl(sfd, params.def_ttl, fa) < 0) { + return -1; + } + return len; +} + + ssize_t desync(int sfd, char *buffer, size_t bfsize, ssize_t n, ssize_t offset, struct sockaddr *dst, int dp_c) { 
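Review bot: The new trim in send_fake (`if (pkt.size > opt->fake_offset)`) is only safe while `fake_offset` is positive, and the storing side does not guarantee that: `case 'R'` in main.c rejects `val <= 0` but then assigns the strtol() result to `int fake_offset` with no upper bound, so a large argument can presumably wrap to a negative int. If `pkt.size` is a signed type (its declaration is not in this patch), a negative offset passes the guard, moves `pkt.data` before the fake buffer and enlarges `pkt.size`, so the later `memcpy` would read memory outside the fake packet into the region this function appears to send. The Windows copy at `@@ -240` compares against `size_t psz`, where a negative offset converts to a huge value and merely empties the payload, so the two paths would also behave differently. I would bound the option with `if (val <= 0 || val > INT_MAX || *end)` and make the guard explicit with `if (opt->fake_offset > 0 && pkt.size > opt->fake_offset)`. send_fake's body starts and ends outside this hunk.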
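Review bot: send_late_oob is added without any comment, and `int bttl = 1;` is a bare constant whose purpose a reader has to guess, whereas the fake path in this file takes its TTL from `opt->ttl`. I would add a header comment stating what is visible here: send_oob() is called with the socket TTL set to 1, the function then calls wait_send_if_support(), restores `params.def_ttl`, and returns send_oob()'s result or -1 when either setttl() fails. The same comment should mention that a failed restore may leave the socket at TTL 1, so callers need to treat -1 as fatal for the connection.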
@@ -455,11 +490,11 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize, else pos += (host - buffer); } - else if (pos < 0) { + else if (pos < 0 || part.flag == OFFSET_END) { pos += n; } // after EAGAIN - if (pos <= offset) { + if (offset && pos <= offset) { continue; } else if (pos <= 0 || pos >= n || pos <= lp) { @@ -486,6 +521,12 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize, wait_send_if_support(sfd); break; + case DESYNC_OOB2: + s = send_late_oob(sfd, + buffer + lp, n - lp, pos - lp, fa); + //wait_send_if_support(sfd); + break; + case DESYNC_SPLIT: case DESYNC_NONE: s = send(sfd, buffer + lp, pos - lp, 0); diff --git a/main.c b/main.c index 6f54f26..cb2684b 100644 --- a/main.c +++ b/main.c @@ -90,6 +90,7 @@ const char help_text[] = { " +h - add HTTP Host offset\n" " -d, --disorder Split and send reverse order\n" " -o, --oob Split and send as OOB data\n" + " -O, --oob2 Insert OOB data\n" #ifdef FAKE_SUPPORT " -f, --fake Split and send fake packet\n" " -t, --ttl TTL of fake packets, default 8\n" @@ -97,6 +98,7 @@ const char help_text[] = { " -k, --ip-opt[=f|:str] IP options of fake packets\n" " -S, --md5sig Add MD5 Signature option for fake packets\n" #endif + " -R, --fake-offset Fake data start offset\n" " -l, --fake-data Set custom fake packet\n" " -n, --tls-sni Change SNI in fake ClientHello\n" #endif @@ -134,6 +136,7 @@ const struct option options[] = { {"split", 1, 0, 's'}, {"disorder", 1, 0, 'd'}, {"oob", 1, 0, 'o'}, + {"oob2", 1, 0, 'O'}, #ifdef FAKE_SUPPORT {"fake", 1, 0, 'f'}, {"ttl", 1, 0, 't'}, @@ -143,6 +146,7 @@ const struct option options[] = { #endif {"fake-data", 1, 0, 'l'}, {"tls-sni", 1, 0, 'n'}, + {"fake-offset", 1, 0, 'R'}, #endif {"oob-data", 1, 0, 'e'}, {"mod-http", 1, 0, 'M'}, @@ -347,6 +351,9 @@ int parse_offset(struct part *part, const char *str) case 'h': part->flag = OFFSET_HOST; break; + case 'e': + part->flag = OFFSET_END; + break; default: return -1; } 
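Review bot: With `part.flag == OFFSET_END`, a non-negative position always becomes `pos >= n` after `pos += n`, as far as this hunk shows, so it lands in the `pos <= 0 || pos >= n || pos <= lp` branch whose body is outside the hunk. Only negative values are usable with the new flag, and neither this code nor parse_offset says so. A comment such as `// OFFSET_END: pos counts back from the end of the buffer, so it must be negative` would help, or parse_offset could reject a non-negative number combined with `+e`. Separately, `if (offset && pos <= offset)` changes which branch a part with `pos <= 0` takes when `offset` is 0, which deserves a word next to the `// after EAGAIN` comment.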
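Review bot: The commented-out `//wait_send_if_support(sfd);` in the `DESYNC_OOB2` case should be dropped rather than committed. send_late_oob already calls wait_send_if_support() before restoring the TTL, so the dead line only raises the question of whether a second wait was intended. If the omission is deliberate, a short comment such as `// send_late_oob waits for the send itself` states that.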
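Review bot: The `e` suffix accepted here is not documented anywhere in this commit: the help_text hunks add lines for `--oob2` and `--fake-offset` but nothing next to the existing `+h - add HTTP Host offset` entry. I would add a matching help line such as `" +e - count offset from the end of the data\n"`, aligned like its neighbours, so the flag is discoverable. parse_offset's body starts and ends outside this hunk.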
@@ -630,6 +637,7 @@ int main(int argc, char **argv) case 's': case 'd': case 'o': + case 'O': case 'f': ; struct part *part = add((void *)&dp->parts, @@ -649,6 +657,8 @@ int main(int argc, char **argv) break; case 'o': part->m = DESYNC_OOB; break; + case 'O': part->m = DESYNC_OOB2; + break; case 'f': part->m = DESYNC_FAKE; } break; @@ -681,6 +691,14 @@ int main(int argc, char **argv) dp->md5sig = 1; break; + case 'R': + val = strtol(optarg, &end, 0); + if (val <= 0 || *end) + invalid = 1; + else + dp->fake_offset = val; + break; + case 'n': if (change_tls_sni(optarg, fake_tls.data, fake_tls.size)) { fprintf(stderr, "error chsni\n"); diff --git a/params.h b/params.h index 70f01f9..caa9057 100644 --- a/params.h +++ b/params.h @@ -22,6 +22,7 @@ #define OFFSET_SNI 1 #define OFFSET_HOST 2 +#define OFFSET_END 3 #define DETECT_HTTP_LOCAT 1 #define DETECT_TLS_ERR 2 @@ -32,6 +33,7 @@ enum demode { DESYNC_SPLIT, DESYNC_DISORDER, DESYNC_OOB, + DESYNC_OOB2, DESYNC_FAKE }; @@ -41,6 +43,7 @@ char *demode_str[] = { "DESYNC_SPLIT", "DESYNC_DISORDER", "DESYNC_OOB", + "DESYNC_OOB2", "DESYNC_FAKE" }; #endif @@ -63,6 +66,7 @@ struct desync_params { char md5sig; struct packet fake_data; int udp_fake_count; + int fake_offset; int parts_n; struct part *parts;