mirror of
https://github.com/hufrea/byedpi.git
synced 2024-12-22 14:25:44 +00:00
--tlsrec
This commit is contained in:
parent
d36698bc45
commit
49828467a4
14
desync.c
14
desync.c
@ -137,7 +137,7 @@ int disorder_attack(int sfd, char *buffer,
|
||||
}
|
||||
|
||||
|
||||
int desync(int sfd, char *buffer,
|
||||
int desync(int sfd, char *buffer, size_t bfsize,
|
||||
ssize_t n, struct sockaddr *dst)
|
||||
{
|
||||
int pos = params.split;
|
||||
@ -154,12 +154,24 @@ int desync(int sfd, char *buffer,
|
||||
if (len && host) {
|
||||
LOG(LOG_S, "host: %.*s\n", len, host);
|
||||
}
|
||||
|
||||
if (type == IS_HTTP && params.mod_http) {
|
||||
if (mod_http(buffer, n, params.mod_http)) {
|
||||
fprintf(stderr, "mod http error\n");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
else if (type == IS_HTTPS && params.tlsrec) {
|
||||
int o = params.tlsrec_pos;
|
||||
if (params.tlsrec_sni) {
|
||||
o += (host - buffer - 9 - 5);
|
||||
}
|
||||
else if (o < 0) {
|
||||
o += n;
|
||||
}
|
||||
n = part_tls(buffer, bfsize, n, o);
|
||||
}
|
||||
|
||||
if (host && params.split_host) {
|
||||
pos += (host - buffer);
|
||||
}
|
||||
|
2
desync.h
2
desync.h
@ -1 +1 @@
|
||||
int desync(int sfd, char *buffer, ssize_t n, struct sockaddr *dst);
|
||||
int desync(int sfd, char *buffer, size_t bfsize, ssize_t n, struct sockaddr *dst);
|
||||
|
21
main.c
21
main.c
@ -38,6 +38,9 @@ struct params params = {
|
||||
.def_ttl = 0,
|
||||
.custom_ttl = 0,
|
||||
.mod_http = 0,
|
||||
.tlsrec = 0,
|
||||
.tlsrec_pos = 0,
|
||||
.tlsrec_sni = 0,
|
||||
.de_known = 0,
|
||||
|
||||
.ipv6 = 1,
|
||||
@ -78,6 +81,8 @@ const char help_text[] = {
|
||||
" -n, --tls-sni <str> Change SNI in fake CH\n"
|
||||
#endif
|
||||
" -M, --mod-http <h,d,r> Modify http: hcsmix,dcsmix,rmspace\n"
|
||||
" -r, --tlsrec <offset> Make 2 TLS records\n"
|
||||
" -L, --tlsrec-at-sni Add SNI offset to tlsrec position\n"
|
||||
};
|
||||
|
||||
|
||||
@ -106,6 +111,8 @@ const struct option options[] = {
|
||||
{"tls-sni", 1, 0, 'n'},
|
||||
#endif
|
||||
{"mod-http", 1, 0, 'M'},
|
||||
{"tlsrec", 1, 0, 'r'},
|
||||
{"tlsrec-at-sni", 0, 0, 'L'},
|
||||
{"def-ttl", 1, 0, 'g'},
|
||||
{"delay", 1, 0, 'w'}, //
|
||||
|
||||
@ -399,6 +406,20 @@ int main(int argc, char **argv)
|
||||
}
|
||||
break;
|
||||
|
||||
case 'r':
|
||||
val = strtol(optarg, &end, 0);
|
||||
if (val > 0xffff || *end)
|
||||
invalid = 1;
|
||||
else {
|
||||
params.tlsrec_pos = val;
|
||||
params.tlsrec = 1;
|
||||
}
|
||||
break;
|
||||
|
||||
case 'L':
|
||||
params.tlsrec_sni = 1;
|
||||
break;
|
||||
|
||||
case 'g':
|
||||
val = strtol(optarg, &end, 0);
|
||||
if (val <= 0 || val > 255 || *end)
|
||||
|
16
packets.c
16
packets.c
@ -212,3 +212,19 @@ int mod_http(char *buffer, size_t bsize, int m)
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
ssize_t part_tls(char *buffer, size_t bsize, ssize_t n, int pos)
|
||||
{
|
||||
if ((n < 3) || (bsize - n < 5) ||
|
||||
(pos < 0) || (pos + 5 > n)) {
|
||||
return n;
|
||||
}
|
||||
uint16_t r_sz = ANTOHS(buffer, 3);
|
||||
memmove(buffer + 5 + pos + 5, buffer + 5 + pos, n - (5 + pos));
|
||||
memcpy(buffer + 5 + pos, buffer, 3);
|
||||
|
||||
*(uint16_t *)(buffer + 3) = htons(pos);
|
||||
*(uint16_t *)(buffer + 5 + pos + 3) = htons(r_sz - pos);
|
||||
return n + 5;
|
||||
}
|
||||
|
@ -19,3 +19,5 @@ int parse_tls(char *buffer, size_t bsize, char **hs);
|
||||
int parse_http(char *buffer, size_t bsize, char **hs, uint16_t *port);
|
||||
|
||||
int mod_http(char *buffer, size_t bsize, int m);
|
||||
|
||||
ssize_t part_tls(char *buffer, size_t bsize, ssize_t n, int pos);
|
||||
|
3
params.h
3
params.h
@ -18,6 +18,9 @@ struct params {
|
||||
int def_ttl;
|
||||
char custom_ttl;
|
||||
int mod_http;
|
||||
char tlsrec;
|
||||
int tlsrec_pos;
|
||||
char tlsrec_sni;
|
||||
|
||||
char ipv6;
|
||||
char resolve;
|
||||
|
5
proxy.c
5
proxy.c
@ -443,7 +443,7 @@ static inline int on_connect(struct poolhd *pool, struct eval *val,
|
||||
if (n) perror("recv data");
|
||||
return -1;
|
||||
}
|
||||
if (desync(val->pair->fd, buffer,
|
||||
if (desync(val->pair->fd, buffer, bfsize,
|
||||
n, (struct sockaddr *)&val->pair->in6)) {
|
||||
return -1;
|
||||
}
|
||||
@ -596,8 +596,7 @@ int listener(struct sockaddr_ina srv)
|
||||
if (signal(SIGPIPE, SIG_IGN))
|
||||
perror("signal SIGPIPE!");
|
||||
#endif
|
||||
if (signal(SIGINT, on_cancel))
|
||||
perror("signal SIGINT!");
|
||||
signal(SIGINT, on_cancel);
|
||||
|
||||
int srvfd = nb_socket(srv.sa.sa_family, SOCK_STREAM);
|
||||
if (srvfd < 0) {
|
||||
|
@ -54,3 +54,7 @@ $ ./ciadpi --method disorder --split-pos 3 --port 1080
|
||||
"Host: name" -> "Host: NaMe"
|
||||
rmspace:
|
||||
"Host: name" -> "Host:name\t"
|
||||
-r, --tlsrec <offset>
|
||||
Разделить ClientHello на отдельные записи по указанному смещению
|
||||
-L, --tlsrec-at-sni
|
||||
Если найден SNI, то считать относительно его смещения
|
Loading…
Reference in New Issue
Block a user