From f7362094d3cf2978aa94c0f4d9a99c3c46cf8d3a Mon Sep 17 00:00:00 2001 From: ValdikSS Date: Wed, 31 Jul 2024 12:58:02 +0300 Subject: [PATCH] New modes: -8 and -9 -8 is -7 with added --wrong-seq, it sends two subsequent fake packets, one with incorrect sequence, and another one with incorrect checksum. -9 is -8 with QUIC block. --- README.md | 4 ++++ src/goodbyedpi.c | 11 ++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 16fe92d..f906780 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,10 @@ Modern modesets (more stable, more compatible, faster): -5 -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default) -6 -f 2 -e 2 --wrong-seq --reverse-frag --max-payload -7 -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload + -8 -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload + -9 -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q + + Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets. ``` To check if your ISP's DPI could be circumvented, first make sure that your provider does not poison DNS answers by enabling "Secure DNS (DNS over HTTPS)" option in your browser. diff --git a/src/goodbyedpi.c b/src/goodbyedpi.c index fd912b0..d396e8c 100644 --- a/src/goodbyedpi.c +++ b/src/goodbyedpi.c @@ -648,7 +648,7 @@ int main(int argc, char *argv[]) { max_payload_size = 1200; } - while ((opt = getopt_long(argc, argv, "1234567pqrsaf:e:mwk:n", long_options, NULL)) != -1) { + while ((opt = getopt_long(argc, argv, "123456789pqrsaf:e:mwk:n", long_options, NULL)) != -1) { switch (opt) { case '1': do_passivedpi = do_host = do_host_removespace \ @@ -689,6 +689,12 @@ int main(int argc, char *argv[]) { do_wrong_seq = 1; max_payload_size = 1200; break; + case '9': // +7+8 + do_block_quic = 1; + // fall through + case '8': // +7 + do_wrong_seq = 1; + // fall through case '7': do_fragment_http = do_fragment_https = 1; do_reverse_frag = do_native_frag = 1; @@ -961,6 +967,9 @@ int main(int argc, char *argv[]) { " -5 -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)\n" " -6 -f 2 -e 2 --wrong-seq --reverse-frag --max-payload\n" " -7 -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload\n" + " -8 -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload\n" + " -9 -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q\n\n" + "Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets.\n" ); exit(EXIT_FAILURE); }