a3sroot

In the current form of Internet attack, it is better to directly replace HTTP with WS, which is nothing more than adding a layer of TLS.

server/gogo/go.go:180 The returned information is too abstract for the user to determine what the problem is.. So I made some changes.

Hi. Do I need to merge again?😭

Can you add manual byte length increase? [https://github.com/rapid7/metasploit-framework/pull/16397](#16397)

This will eventually lead to both server-side and agent hang fishing

When the request volume is too large, the correct URL suffix is not matched.

@rkervella @moloch--

Implant log ``` 2022/11/18 17:30:35 sliver.go:282: [recv] tunHandler 84 2022/11/18 17:30:35 portfwd_handler.go:43: [portfwd] Dialing -> xxx.com:443 2022/11/18 17:30:40 portfwd_handler.go:64: [portfwd] Configuring keep alive 2022/11/18 17:30:40 portfwd_handler.go:73: [portfwd] Creating tcp tunnel...

There is a bug in the portfwd logic, which accumulates a lot of tunnel requests that don't get sent out.There is a 50 percent chance of triggering.

@moloch-- Is there any relief? Deeply troubled.