[Operation] Bypass TLS over TLS detection

[cross-hello]

Turn on client Enable Multiplexer setting.(based on description think the setting could provide multiple handshake inside one TCP connect, thus change the detectable size of package. So it may could pass C&C detection)

Before setting you can't use China mobile internet connect to your server, After you can.

[SekiBetu]

I suspect it doesn't work.

[cross-hello]

@SekiBetu OK, sometimes success, sometimes fail. May be need a more effective method to padding handshake package. (sorry for not familiar with golang at the time, so can't help )

[cross-hello]

This time the problem may relate with package length. Make Internet experiment on China mobile internet: The first one with MUX option close: The second one with MUX option open: Here are the code:

import time
TIME=300
succ=0
task=0
fail=0

def g():
    global succ, task,fail
    try:
        html=rs.get("http://google.com")
        succ+=1
        print("success :", succ)
    except:
        fail+=1
        print("fail :", fail)
    task-=1

#for a in range(0,10000):
for a in range(0,TIME):
    while task==10:
        time.sleep(0.01)
    #qd.start_new_thread(g,())
    #print("start create new stread")
    task+=1
    qd.start_new_thread(g,())

print("\n\n open mux:")
#print("\n\n No mux:")
print(" success rate:", succ/(succ+fail))
print("fail rate:", fail/(succ+fail))

[yuhan6665]

我在实验版本中增加了最简单的 tls 握手长度混淆 https://github.com/XTLS/Xray-core/pull/1235 大家可以试试 https://github.com/XTLS/Xray-core/actions/runs/3212748729

[josephw1122]

https://github.com/refraction-networking/utls#roller