gfw_resist_tls_proxy

Geneva Packet manipulation - Server side TCP handshake

Open wlfvpn opened this issue 1 year ago • 5 comments

This is perfect and smart. For a long time I've been trying to gather a crew to try similar things (https://github.com/net4people/bbs/issues/231). Fragmentation has been a good evasion strategy for India, etc. and many more countries.

Have you been using https://github.com/Kkevsterrr/geneva? It has many more strategies, including strategies on the server side during the TCP handshake. For example, in 2020 they found that in Iran, if the server sends 9 SYN/ACK packets to the client, it can bypass the same result. I believe your strategy could be reimplemented in theirs as well. It's good to run it and see the strategies the genetic algorithm finds, and if we can find a server strategy then the client does not need to do anything? I highly recommend watching this: https://www.youtube.com/watch?v=NM-h3WoAYEc

I believe the new filtering system has been in place since that time.

wlfvpn, Apr 25 '23 16:04

I'm not an expert, but as I noticed from their documents: "This makes Geneva effective against many types of in-network censorship (though it cannot be used against IP-blocking censorship)." This might help delay the filtering or exposure of servers.

This project however is trying to bypass filtering even for the exposed and banned servers.

amihos, Apr 25 '23 19:04

@amihos That's true. If the IP is directly banned, it cannot be unfiltered. Same as this repo. If the IP is directly banned, it cannot be unfiltered. Iran's filtering is a bit different. This repo also fragments the client hello with some delay to bypass the SNI filtering. Both are doing the same thing (except this adds a delay in a smart way). I'm saying this because Geneva automatically finds other strategies that are not easy to find and tests a lot of things on both the client side and the server side, and it could be a very helpful path forward in case fragmentation is blocked. If a server-side strategy is found, then we can easily ignore developing apps for the client side.

We should test it out. I tried some of the out-of-the-box strategies but they weren't bypassing the filtering.

wlfvpn, Apr 25 '23 19:04

@wlfvpn Hi, have you had any success with Geneva?!

hamedsbt, Apr 25 '23 23:04

@hamedsbt No, I tested a few strategies but they didn't pass the filtering. I'm looking for a crew with knowledge of Python + curl + basic networking (TCP handshake packets) to read the documentation and apply it together.

wlfvpn, Apr 25 '23 23:04

@GFW-knocker I watched this and I think there are very interesting insights in it about packet fragmentation. https://www.youtube.com/watch?v=ASskHbwnrV4&ab_channel=KevinBock

amihos, Apr 28 '23 09:04