crash.software
Projects
Pull Requests
Issues
Builds
geneva
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY geneva Commits 1f21dcb0
🤬

  • Added client plugin to train against India's new SNI censorship

  • Loading...
  • Kkevsterrr committed 4 years ago
    1f21dcb0
    1 parent 4f44a82e
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    airtel_sni/client.py
     1 +import argparse
     2 +import os
     3 +from plugins.plugin_client import ClientPlugin
     4 +from subprocess import Popen, PIPE, TimeoutExpired
     5 + 
     6 + 
     7 +class SNIIndiaClient(ClientPlugin):
     8 + """
     9 + Defines the SNI client.
     10 + """
     11 + name = "airtel_sni"
     12 + 
     13 + def __init__(self, args):
     14 + """
     15 + Initializes the SNI client.
     16 + """
     17 + ClientPlugin.__init__(self)
     18 + self.args = args
     19 + 
     20 + @staticmethod
     21 + def get_args(command):
     22 + """
     23 + Defines args for this plugin
     24 + """
     25 + super_args = ClientPlugin.get_args(command)
     26 + 
     27 + parser = argparse.ArgumentParser(description="India SNI client")
     28 + 
     29 + parser.add_argument("--server", action='store', help='server to connect to')
     30 + parser.add_argument("--sni", action="store", help="sni to include in tls client hello")
     31 + parser.add_argument("--timeout", action="store", help="timeout for requests", type=int)
     32 + 
     33 + args, _ = parser.parse_known_args(command)
     34 + args = vars(args)
     35 + super_args.update(args)
     36 + 
     37 + return super_args
     38 + 
     39 + def run(self, args, logger, engine=None):
     40 + """
     41 + Try to start a TLS handshake with the SNI set to a censored website and see if we receive a RST
     42 + """
     43 + 
     44 + fitness = 0
     45 + port = int(args["port"])
     46 + server = args["server"]
     47 + sni = args["sni"]
     48 + timeout = args["timeout"]
     49 + 
     50 + proc = Popen(["openssl", "s_client", "-connect" ,"%s:%d" % (server, port), "-servername", sni], stdin=PIPE, stdout=PIPE, stderr=PIPE)
     51 + 
     52 + try:
     53 + outs, errs = proc.communicate(input=b"Q", timeout=timeout)
     54 + 
     55 + if b"read 0 bytes" in outs:
     56 + fitness -= 90
     57 + logger.debug("TLS handshake blocked")
     58 + elif proc.returncode == 0:
     59 + fitness += 100
     60 + logger.debug("TLS handshake successful")
     61 + else:
     62 + fitness -= 100
     63 + logger.debug("Unknown error")
     64 + except TimeoutExpired:
     65 + proc.kill()
     66 + fitness -= 100
     67 + logger.debug("Timeout")
     68 + 
     69 + return fitness * 4
     70 + 
Please wait...
Page is in error, reload to recover