This commit is contained in:
ruti 2024-02-18 17:19:11 +03:00
parent d36698bc45
commit 49828467a4
8 changed files with 63 additions and 6 deletions

View File

@ -137,7 +137,7 @@ int disorder_attack(int sfd, char *buffer,
}
int desync(int sfd, char *buffer,
int desync(int sfd, char *buffer, size_t bfsize,
ssize_t n, struct sockaddr *dst)
{
int pos = params.split;
@ -154,12 +154,24 @@ int desync(int sfd, char *buffer,
if (len && host) {
LOG(LOG_S, "host: %.*s\n", len, host);
}
if (type == IS_HTTP && params.mod_http) {
if (mod_http(buffer, n, params.mod_http)) {
fprintf(stderr, "mod http error\n");
return -1;
}
}
else if (type == IS_HTTPS && params.tlsrec) {
int o = params.tlsrec_pos;
if (params.tlsrec_sni) {
o += (host - buffer - 9 - 5);
}
else if (o < 0) {
o += n;
}
n = part_tls(buffer, bfsize, n, o);
}
if (host && params.split_host) {
pos += (host - buffer);
}

View File

@ -1 +1 @@
int desync(int sfd, char *buffer, ssize_t n, struct sockaddr *dst);
int desync(int sfd, char *buffer, size_t bfsize, ssize_t n, struct sockaddr *dst);

21
main.c
View File

@ -38,6 +38,9 @@ struct params params = {
.def_ttl = 0,
.custom_ttl = 0,
.mod_http = 0,
.tlsrec = 0,
.tlsrec_pos = 0,
.tlsrec_sni = 0,
.de_known = 0,
.ipv6 = 1,
@ -78,6 +81,8 @@ const char help_text[] = {
" -n, --tls-sni <str> Change SNI in fake CH\n"
#endif
" -M, --mod-http <h,d,r> Modify http: hcsmix,dcsmix,rmspace\n"
" -r, --tlsrec <offset> Make 2 TLS records\n"
" -L, --tlsrec-at-sni Add SNI offset to tlsrec position\n"
};
@ -106,6 +111,8 @@ const struct option options[] = {
{"tls-sni", 1, 0, 'n'},
#endif
{"mod-http", 1, 0, 'M'},
{"tlsrec", 1, 0, 'r'},
{"tlsrec-at-sni", 0, 0, 'L'},
{"def-ttl", 1, 0, 'g'},
{"delay", 1, 0, 'w'}, //
@ -399,6 +406,20 @@ int main(int argc, char **argv)
}
break;
case 'r':
val = strtol(optarg, &end, 0);
if (val > 0xffff || *end)
invalid = 1;
else {
params.tlsrec_pos = val;
params.tlsrec = 1;
}
break;
case 'L':
params.tlsrec_sni = 1;
break;
case 'g':
val = strtol(optarg, &end, 0);
if (val <= 0 || val > 255 || *end)

View File

@ -212,3 +212,19 @@ int mod_http(char *buffer, size_t bsize, int m)
}
return 0;
}
ssize_t part_tls(char *buffer, size_t bsize, ssize_t n, int pos)
{
if ((n < 3) || (bsize - n < 5) ||
(pos < 0) || (pos + 5 > n)) {
return n;
}
uint16_t r_sz = ANTOHS(buffer, 3);
memmove(buffer + 5 + pos + 5, buffer + 5 + pos, n - (5 + pos));
memcpy(buffer + 5 + pos, buffer, 3);
*(uint16_t *)(buffer + 3) = htons(pos);
*(uint16_t *)(buffer + 5 + pos + 3) = htons(r_sz - pos);
return n + 5;
}

View File

@ -19,3 +19,5 @@ int parse_tls(char *buffer, size_t bsize, char **hs);
int parse_http(char *buffer, size_t bsize, char **hs, uint16_t *port);
int mod_http(char *buffer, size_t bsize, int m);
ssize_t part_tls(char *buffer, size_t bsize, ssize_t n, int pos);

View File

@ -18,6 +18,9 @@ struct params {
int def_ttl;
char custom_ttl;
int mod_http;
char tlsrec;
int tlsrec_pos;
char tlsrec_sni;
char ipv6;
char resolve;

View File

@ -443,7 +443,7 @@ static inline int on_connect(struct poolhd *pool, struct eval *val,
if (n) perror("recv data");
return -1;
}
if (desync(val->pair->fd, buffer,
if (desync(val->pair->fd, buffer, bfsize,
n, (struct sockaddr *)&val->pair->in6)) {
return -1;
}
@ -596,8 +596,7 @@ int listener(struct sockaddr_ina srv)
if (signal(SIGPIPE, SIG_IGN))
perror("signal SIGPIPE!");
#endif
if (signal(SIGINT, on_cancel))
perror("signal SIGINT!");
signal(SIGINT, on_cancel);
int srvfd = nb_socket(srv.sa.sa_family, SOCK_STREAM);
if (srvfd < 0) {

View File

@ -54,3 +54,7 @@ $ ./ciadpi --method disorder --split-pos 3 --port 1080
"Host: name" -> "Host: NaMe"
rmspace:
"Host: name" -> "Host:name\t"
-r, --tlsrec <offset>
Разделить ClientHello на отдельные записи по указанному смещению
-L, --tlsrec-at-sni
Если найден SNI, то считать относительно его смещения