Opened 6 years ago

Last modified 2 months ago

#8676 new defect

Research an HTTP pluggable transport that actually uses a browser and a web server

Reported by: asn
Owned by:
Priority: Medium
Milestone:
Component: Obfuscation/Pluggable transport
Version:
Severity: Normal
Keywords:
Cc: phw, hellais, zwol, dardok
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:


Research like makes it even more clear that it's worth exploring the possibility of actually using the software you are trying to emulate. That is, if you are trying to look like Skype, you better use the Skype binary. If you want to look like HTTP, you better use a browser on the client-side and a web server on the server-side.

We should look into whether we can use stuff like WebKit to write a client-side transport, and a web server like nginx or Apache to write its server-side.

Change History (11)

comment:1 Changed 6 years ago by phw

Cc: phw added

comment:2 Changed 6 years ago by hellais

Cc: hellais added

comment:3 Changed 6 years ago by sysrqb

I'm curious if it is worth breaking this PT into multiple stages/iterations where each one improves its ability to mimic/use a designated program. So, instead of spending a lot of time up-front integrating the client- and server-sides with their respective programs, the initial version uses pycurl on the client-side and a minimal server implementation on the server side. Then the next iteration uses webkit or firefox to bypass DPI filtering, if curl isn't popular enough, and the "final" iteration uses nginx or similar to prevent blocking-on-followup. This has obvious negative consequences, but I'll throw it out there anyway.

comment:4 Changed 6 years ago by asn

blanu suggested using Selenium for the client-side; it's a framework that "lets you write scripts which drive browsers":

comment:5 Changed 6 years ago by asn

BTW, for the server-side, we might want to consider having a simple PHP script that extracts the data from HTTP and pipes them to a bridge.

comment:6 Changed 6 years ago by asn

Cc: zwol added

This might or might not be relevant:

It's Zack's project so we know at least one person who can use this Selenium thing.

(Selenium-related code:

Last edited 6 years ago by asn

comment:7 Changed 5 years ago by dardok

Cc: dardok added

comment:8 Changed 5 years ago by asn

Very related to #11183, and also to gsathya's new project 'htpt'.

comment:9 Changed 17 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:10 Changed 3 months ago by teor

Owner: asn deleted
Status: new → assigned

asn does not need to own any obfuscation tickets any more. Default owners are trouble.

comment:11 Changed 2 months ago by cohosh

Status: assigned → new

tickets were assigned to asn, setting them as unassigned (new) again.
