From 725dc1a6d22503b89e37a77c9c2587244d63c74f Mon Sep 17 00:00:00 2001
From: Vadim Vetrov
Date: Tue, 27 Aug 2024 23:23:54 +0300
Subject: [PATCH] Allow tune randseq offsets. May be useful for #94
---
 README.md | 2 ++
 args.c | 14 +++++++++++++-
 config.h | 1 +
 mangle.c | 13 +++++++++----
 4 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 1872f09..d930959 100644
--- a/README.md
+++ b/README.md
@@ -157,6 +157,8 @@ Available flags:
 - `--faking-ttl=` Tunes the time to live (TTL) of fake SNI messages. TTL is specified like that the packet will go through the DPI system and captured by it, but will not reach the destination server. Defaults to **8**.
+- `--fake-seq-offset` Tunes the offset from original sequence number for fake packets. Used by randseq faking strategy. Defaults to 10000. If 0, random sequence number will be set.
+
 - `--frag={tcp,ip,none}` Specifies the fragmentation strategy for the packet. tcp is used by default. Ip fragmentation may be blocked by DPI system. None specifies no fragmentation. Probably this won't work, but may be will work for some fake sni strategies.
 - `--frag-sni-reverse={0|1}` Specifies **youtubeUnblock** to send *ClientHello* fragments in the reverse order. Defaults to **1**.
diff --git a/args.c b/args.c
index cb044ec..26f27af 100644
--- a/args.c
+++ b/args.c
@@ -21,6 +21,7 @@ struct config_t config = {
 .frag_middle_sni = 1,
 .frag_sni_pos = 2,
 .use_ipv6 = 1,
+ .fakeseq_offset = 10000,
 .sni_detection = SNI_DETECTION_PARSE,
@@ -65,13 +66,14 @@ struct config_t config = {
 #define OPT_QUIC_DROP 16
 #define OPT_SNI_DETECTION 17
 #define OPT_NO_IPV6 20
+#define OPT_FAKE_SEQ_OFFSET 21
 #define OPT_SEG2DELAY 5
 #define OPT_THREADS 6
 #define OPT_SILENT 7
 #define OPT_NO_GSO 8
 #define OPT_QUEUE_NUM 9
-#define OPT_MAX OPT_NO_IPV6
+#define OPT_MAX OPT_FAKE_SEQ_OFFSET
 static struct option long_opt[] = {
 {"help", 0, 0, 'h'},
@@ -80,6 +82,7 @@ static struct option long_opt[] = {
 {"fake-sni", 1, 0, OPT_FAKE_SNI},
 {"fake-sni-seq-len", 1, 0, OPT_FAKE_SNI_SEQ_LEN},
 {"faking-strategy", 1, 0, OPT_FAKING_STRATEGY},
+ {"fake-seq-offset", 1, 0, OPT_FAKE_SEQ_OFFSET},
 {"faking-ttl", 1, 0, OPT_FAKING_TTL},
 {"frag", 1, 0, OPT_FRAG},
 {"frag-sni-reverse", 1, 0, OPT_FRAG_SNI_REVERSE},
@@ -132,6 +135,7 @@ void print_usage(const char *argv0) {
 printf("\t--sni-domains=|all\n");
 printf("\t--fake-sni={1|0}\n");
 printf("\t--fake-sni-seq-len=\n");
+ printf("\t--fake-seq-offset=\n");
 printf("\t--faking-ttl=\n");
 printf("\t--faking-strategy={randseq|ttl|tcp_check|pastseq}\n");
 printf("\t--frag={tcp,ip,none}\n");
@@ -269,7 +273,14 @@ int parse_args(int argc, char *argv[]) {
 config.faking_ttl = num;
 break;
+ case OPT_FAKE_SEQ_OFFSET:
+ num = parse_numeric_option(optarg);
+ if (errno != 0 || num < 0) {
+ goto invalid_opt;
+ }
+ config.fakeseq_offset = num;
+ break;
 case OPT_FAKE_SNI:
 if (strcmp(optarg, "1") == 0) {
 config.fake_sni = 1;
@@ -382,6 +393,7 @@ void print_welcome() {
 break;
 case FAKE_STRAT_RAND_SEQ:
 printf("Random seq faking strategy will be used\n");
+ printf("Fake seq offset set to %u\n", config.fakeseq_offset);
 break;
 case FAKE_STRAT_TCP_CHECK:
 printf("TCP checksum faking strategy will be used\n");
diff --git a/config.h b/config.h
index e084a3a..5735e7e 100644
--- a/config.h
+++ b/config.h
@@ -44,6 +44,7 @@ struct config_t {
 const char *fake_sni_pkt;
 unsigned int fake_sni_pkt_sz;
 unsigned int fk_winsize;
+ unsigned int fakeseq_offset;
 };
 extern struct config_t config;
diff --git a/mangle.c b/mangle.c
index 94a9c54..bcd0fbd 100644
--- a/mangle.c
+++ b/mangle.c
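Review bot: The new `OPT_FAKE_SEQ_OFFSET` case in `parse_args` rejects negative input but has no upper bound, so a value that does not fit the `unsigned int fakeseq_offset` field added in config.h would be silently truncated on assignment (assuming `num` is a `long`; its declaration is outside the hunk). Extending the guard to `if (errno != 0 || num < 0 || num > UINT_MAX) {` (needs `<limits.h>`) makes such input fail as an invalid option. The `errno` test is only meaningful if `parse_numeric_option` resets `errno` before parsing, which is not visible here. `parse_args` starts and ends outside the hunk.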
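Review bot: In `print_welcome`, the added line reports `Fake seq offset set to 0` when the option is 0, although the README text in this same patch says 0 means a random sequence number is set instead of an offset. Branching on the value keeps the startup banner consistent with the behaviour, e.g. `if (config.fakeseq_offset) printf("Fake seq offset set to %u\n", config.fakeseq_offset); else printf("Random seq will be set for fake packets\n");`. `print_welcome` continues outside the hunk.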
@@ -822,13 +822,18 @@ int fail_packet(uint8_t *payload, uint32_t plen) {
 if (config.faking_strategy == FAKE_STRAT_RAND_SEQ) {
 lgtrace("fake seq: %u -> ", ntohl(tcph->seq));
+
+ if (config.fakeseq_offset) {
+ tcph->seq = htonl(ntohl(tcph->seq) - config.fakeseq_offset);
+ } else {
 #ifdef KERNEL_SCOPE
- tcph->seq = 124;
- tcph->ack_seq = 124;
+ tcph->seq = 124;
 #else
- tcph->seq = random();
- tcph->ack_seq = random();
+ tcph->seq = random();
 #endif
+
+ }
+
 lgtrace_addp("%u", ntohl(tcph->seq));
 } else if (config.faking_strategy == FAKE_STRAT_PAST_SEQ) {
 lgtrace("fake seq: %u -> ", ntohl(tcph->seq));
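Review bot: The `else` branch for `fakeseq_offset == 0` does not match what the README hunk of this patch documents: under `KERNEL_SCOPE` it stores the constant `124`, not a random sequence number. The hunk also removes both `tcph->ack_seq` assignments, so the packet keeps its original acknowledgement number in every mode, and neither the commit message nor the README mentions that change. A comment above the `#ifdef`, such as `/* offset 0: seq is replaced outright (constant in kernel builds); ack_seq is intentionally left unchanged */`, plus a README note about the kernel build, would record the intent. The subtraction in the offset branch wraps modulo 2^32 when the offset exceeds the sequence number, which is well defined for these unsigned operands. `fail_packet` starts and ends outside the hunk.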