fake-offset, oob2

ruti 2024-08-06 19:11:01 +03:00
parent ff17dc424b
commit 2f98038991
3 changed files with 67 additions and 4 deletions


@ -139,7 +139,14 @@ ssize_t send_fake(int sfd, char *buffer,
else { else {
pkt = cnt != IS_HTTP ? fake_tls : fake_http; pkt = cnt != IS_HTTP ? fake_tls : fake_http;
} }
size_t psz = pkt.size; if (opt->fake_offset) {
if (pkt.size > opt->fake_offset) {
pkt.size -= opt->fake_offset;
pkt.data += opt->fake_offset;
}
else pkt.size = 0;
}
#ifdef __linux__ #ifdef __linux__
int ffd = memfd_create("name", 0); int ffd = memfd_create("name", 0);
if (ffd < 0) { if (ffd < 0) {
@ -161,7 +168,7 @@ ssize_t send_fake(int sfd, char *buffer,
p = 0; p = 0;
break; break;
} }
memcpy(p, pkt.data, psz < pos ? psz : pos); memcpy(p, pkt.data, pkt.size < pos ? pkt.size : pos);
if (setttl(sfd, opt->ttl ? opt->ttl : 8, fa) < 0) { if (setttl(sfd, opt->ttl ? opt->ttl : 8, fa) < 0) {
break; break;
@ -240,6 +247,13 @@ ssize_t send_fake(int sfd, char *buffer,
pkt = cnt != IS_HTTP ? fake_tls : fake_http; pkt = cnt != IS_HTTP ? fake_tls : fake_http;
} }
size_t psz = pkt.size; size_t psz = pkt.size;
if (opt->fake_offset) {
if (psz > opt->fake_offset) {
psz -= opt->fake_offset;
pkt.data += opt->fake_offset;
}
else psz = 0;
}
char path[MAX_PATH], temp[MAX_PATH + 1]; char path[MAX_PATH], temp[MAX_PATH + 1];
int ps = GetTempPath(sizeof(temp), temp); int ps = GetTempPath(sizeof(temp), temp);
@ -382,6 +396,27 @@ ssize_t send_disorder(int sfd,
} }
ssize_t send_late_oob(int sfd, char *buffer,
ssize_t n, long pos, int fa)
{
int bttl = 1;
if (setttl(sfd, bttl, fa) < 0) {
return -1;
}
ssize_t len = send_oob(sfd, buffer, n, pos);
if (len < 0) {
uniperror("send");
}
wait_send_if_support(sfd);
if (setttl(sfd, params.def_ttl, fa) < 0) {
return -1;
}
return len;
}
ssize_t desync(int sfd, char *buffer, size_t bfsize, ssize_t desync(int sfd, char *buffer, size_t bfsize,
ssize_t n, ssize_t offset, struct sockaddr *dst, int dp_c) ssize_t n, ssize_t offset, struct sockaddr *dst, int dp_c)
{ {
@ -455,11 +490,11 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
else else
pos += (host - buffer); pos += (host - buffer);
} }
else if (pos < 0) { else if (pos < 0 || part.flag == OFFSET_END) {
pos += n; pos += n;
} }
// after EAGAIN // after EAGAIN
if (pos <= offset) { if (offset && pos <= offset) {
continue; continue;
} }
else if (pos <= 0 || pos >= n || pos <= lp) { else if (pos <= 0 || pos >= n || pos <= lp) {
@ -486,6 +521,12 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize,
wait_send_if_support(sfd); wait_send_if_support(sfd);
break; break;
case DESYNC_OOB2:
s = send_late_oob(sfd,
buffer + lp, n - lp, pos - lp, fa);
//wait_send_if_support(sfd);
break;
case DESYNC_SPLIT: case DESYNC_SPLIT:
case DESYNC_NONE: case DESYNC_NONE:
s = send(sfd, buffer + lp, pos - lp, 0); s = send(sfd, buffer + lp, pos - lp, 0);
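Review bot: The first send_fake hunk guards the new pointer arithmetic with `if (pkt.size > opt->fake_offset)`, which is safe only while `fake_offset` is positive, yet the field is declared as a plain `int`. If `pkt.size` is a signed type (its declaration is not shown on this page), a negative offset passes the comparison, `pkt.data += opt->fake_offset` moves in front of the fake buffer, and the later `memcpy(p, pkt.data, ...)` reads out of bounds. The Windows copy of the check compares against `size_t psz`, so the same value converts to a very large unsigned number and ends in `psz = 0`, meaning the two branches disagree. Opening both with `if (opt->fake_offset > 0) {`, or declaring the field as `size_t`, removes the dependency on the option parser. The body of send_fake continues outside these hunks.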

18
main.c

@ -90,6 +90,7 @@ const char help_text[] = {
" +h - add HTTP Host offset\n" " +h - add HTTP Host offset\n"
" -d, --disorder <n[+s]> Split and send reverse order\n" " -d, --disorder <n[+s]> Split and send reverse order\n"
" -o, --oob <n[+s]> Split and send as OOB data\n" " -o, --oob <n[+s]> Split and send as OOB data\n"
" -O, --oob2 <n[+s]> Insert OOB data\n"
#ifdef FAKE_SUPPORT #ifdef FAKE_SUPPORT
" -f, --fake <n[+s]> Split and send fake packet\n" " -f, --fake <n[+s]> Split and send fake packet\n"
" -t, --ttl <num> TTL of fake packets, default 8\n" " -t, --ttl <num> TTL of fake packets, default 8\n"
@ -97,6 +98,7 @@ const char help_text[] = {
" -k, --ip-opt[=f|:str] IP options of fake packets\n" " -k, --ip-opt[=f|:str] IP options of fake packets\n"
" -S, --md5sig Add MD5 Signature option for fake packets\n" " -S, --md5sig Add MD5 Signature option for fake packets\n"
#endif #endif
" -R, --fake-offset <n> Fake data start offset\n"
" -l, --fake-data <f|:str> Set custom fake packet\n" " -l, --fake-data <f|:str> Set custom fake packet\n"
" -n, --tls-sni <str> Change SNI in fake ClientHello\n" " -n, --tls-sni <str> Change SNI in fake ClientHello\n"
#endif #endif
@ -134,6 +136,7 @@ const struct option options[] = {
{"split", 1, 0, 's'}, {"split", 1, 0, 's'},
{"disorder", 1, 0, 'd'}, {"disorder", 1, 0, 'd'},
{"oob", 1, 0, 'o'}, {"oob", 1, 0, 'o'},
{"oob2", 1, 0, 'O'},
#ifdef FAKE_SUPPORT #ifdef FAKE_SUPPORT
{"fake", 1, 0, 'f'}, {"fake", 1, 0, 'f'},
{"ttl", 1, 0, 't'}, {"ttl", 1, 0, 't'},
@ -143,6 +146,7 @@ const struct option options[] = {
#endif #endif
{"fake-data", 1, 0, 'l'}, {"fake-data", 1, 0, 'l'},
{"tls-sni", 1, 0, 'n'}, {"tls-sni", 1, 0, 'n'},
{"fake-offset", 1, 0, 'R'},
#endif #endif
{"oob-data", 1, 0, 'e'}, {"oob-data", 1, 0, 'e'},
{"mod-http", 1, 0, 'M'}, {"mod-http", 1, 0, 'M'},
@ -347,6 +351,9 @@ int parse_offset(struct part *part, const char *str)
case 'h': case 'h':
part->flag = OFFSET_HOST; part->flag = OFFSET_HOST;
break; break;
case 'e':
part->flag = OFFSET_END;
break;
default: default:
return -1; return -1;
} }
@ -630,6 +637,7 @@ int main(int argc, char **argv)
case 's': case 's':
case 'd': case 'd':
case 'o': case 'o':
case 'O':
case 'f': case 'f':
; ;
struct part *part = add((void *)&dp->parts, struct part *part = add((void *)&dp->parts,
@ -649,6 +657,8 @@ int main(int argc, char **argv)
break; break;
case 'o': part->m = DESYNC_OOB; case 'o': part->m = DESYNC_OOB;
break; break;
case 'O': part->m = DESYNC_OOB2;
break;
case 'f': part->m = DESYNC_FAKE; case 'f': part->m = DESYNC_FAKE;
} }
break; break;
@ -681,6 +691,14 @@ int main(int argc, char **argv)
dp->md5sig = 1; dp->md5sig = 1;
break; break;
case 'R':
val = strtol(optarg, &end, 0);
if (val <= 0 || *end)
invalid = 1;
else
dp->fake_offset = val;
break;
case 'n': case 'n':
if (change_tls_sni(optarg, fake_tls.data, fake_tls.size)) { if (change_tls_sni(optarg, fake_tls.data, fake_tls.size)) {
fprintf(stderr, "error chsni\n"); fprintf(stderr, "error chsni\n");
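Review bot: In `case 'R'` the result of `strtol` is stored into `dp->fake_offset`, which the struct hunk on this page declares as `int`, after only a lower-bound check. Where `long` is wider than `int`, a large argument is truncated on assignment and can end up negative or as an unrelated small offset, and that value later drives `pkt.data += opt->fake_offset` in send_fake. Reject it at parse time with `if (val <= 0 || val > INT_MAX || *end)`, which needs `<limits.h>` if main.c does not already include it. The declarations of `val` and `end` and the rest of main() are outside the hunk.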


@ -22,6 +22,7 @@
#define OFFSET_SNI 1 #define OFFSET_SNI 1
#define OFFSET_HOST 2 #define OFFSET_HOST 2
#define OFFSET_END 3
#define DETECT_HTTP_LOCAT 1 #define DETECT_HTTP_LOCAT 1
#define DETECT_TLS_ERR 2 #define DETECT_TLS_ERR 2
@ -32,6 +33,7 @@ enum demode {
DESYNC_SPLIT, DESYNC_SPLIT,
DESYNC_DISORDER, DESYNC_DISORDER,
DESYNC_OOB, DESYNC_OOB,
DESYNC_OOB2,
DESYNC_FAKE DESYNC_FAKE
}; };
@ -41,6 +43,7 @@ char *demode_str[] = {
"DESYNC_SPLIT", "DESYNC_SPLIT",
"DESYNC_DISORDER", "DESYNC_DISORDER",
"DESYNC_OOB", "DESYNC_OOB",
"DESYNC_OOB2",
"DESYNC_FAKE" "DESYNC_FAKE"
}; };
#endif #endif
@ -63,6 +66,7 @@ struct desync_params {
char md5sig; char md5sig;
struct packet fake_data; struct packet fake_data;
int udp_fake_count; int udp_fake_count;
int fake_offset;
int parts_n; int parts_n;
struct part *parts; struct part *parts;