Zer0 2024-11-27 14:10:31 +00:00
parent f36ae94d51
commit 8dc72c8b4f
6 changed files with 58 additions and 17 deletions


@ -116,12 +116,38 @@
</li> </li>
<li> <li>
<h3><u>why v2ray? </u></h3> <h3><u>why v2ray? </u></h3>
<p>wireguard as well as openvpn <mark> does not provide any obfuscation feature </mark>and will be easily detected by header match or DPI <p>If your country marks TOR traffic as illegal and you want to access onions what would you do?
thats why v2rays customized protocols work , traffic to/from these will look like normal traffic to an extend. <br><br>
just hop onto some VPN's to mask TOR traffic?
<br>
(mostly based off wireguard and openvpn)
<br><br>
but what if they're also blocked and made illegal to use?
<br>
<img src="./is-vpn-legal-in-your-country.jpeg" width="100%">
<br><br>
Thats where V2RAY becomes a necessity!
<br><br>
V2rays ability to obfuscate and make packets appear to be genuine webtraffic makes it kindof <b>UNDECTECTABLE</b>.
<img src="./wg_limitation.png" width="100%">
Wireguard as well as openvpn <mark> does not provide any obfuscation feature </mark>and will be detected easily by header match or DPI.
<img src="./wg_official2.png" width="100%">
<br>
(they have this in their codebase which clearly shows how to detect Wireguard traffic)
<a href="https://github.com/wireshark/wireshark/blob/ef9c79ae81b00a63aa8638076ec81dc9482972e9/epan/dissectors/packet-wireguard.c#L1618-L1625">ref</a>
</p> </p>
<p>TODO:CAN SHOWCASE SOME WG PACKETS AND V2RAY packets in MITM prespective> </p> <p>But How does a V2ray traffic look like? </p>
Here's a Wireshark dump of <mark> curl archlinux.org</mark> with and without v2ray.
<br>
<img src="./v2ray_domain_Fronted_traffic.png" width="100%">
<br><br>
As you could see requests to archlinux.org ( with v2ray ) goes to a popular website giphy but is actually communicating to our V2ray server behind the CDN through Websocket protocol.
<br>
(Domain Fronting method is being used here)
<br><br>
<blockquote class="blockquote"> <blockquote class="blockquote">
As mentioned earlier, we could use v2ray to make our own versions of primitive protocols to "fool the wall". we could use v2ray to make our own versions of primitive protocols to "fool the wall".
</blockquote> </blockquote>
<br><br> <br><br>
</li> </li>
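Review bot: The added line ending in `makes it kindof <b>UNDECTECTABLE</b>.` overstates the guarantee and misspells "UNDETECTABLE". The page itself says further down that a v2ray server alone does not bypass any censors and that a large amount of traffic would be obvious, so wording such as "much harder to fingerprint than WireGuard or OpenVPN" would be consistent with the rest of the text. In the same hunk, "(they have this in their codebase ...)" sits under wg_official2.png but the ref link points at Wireshark's packet-wireguard.c dissector, so "they" should name Wireshark explicitly. The new `<p>But How does a V2ray traffic look like? </p>` closes before its own explanation, which leaves the Wireshark description and the domain-fronting image outside any paragraph, and none of the added `<img>` tags carries an alt attribute.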
@ -178,7 +204,7 @@
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Getting Started</b></h2> </br> </br> <h2><b>Serverside Setup</b></h2> </br> </br>
<p>an overview of v2ray server config looks like this</p> <p>an overview of v2ray server config looks like this</p>
<img src="" class="imgRz"> <img src="" class="imgRz">
<pre><code class="nim"> <pre><code class="nim">
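Review bot: The changed heading line still ends in `</br> </br>`, which is not a valid tag; since the line is being touched anyway, replace it with `<br><br>` as used elsewhere in the file. Two lines below, `<img src="" class="imgRz">` has an empty src directly after "an overview of v2ray server config looks like this", so the promised overview image is missing; either point it at a real file or drop the tag.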
@ -298,7 +324,7 @@ x-ui v1.8.7 installation finished, it is up and running now...
############################################### ###############################################
</blockquote> </blockquote>
<p class="lead" class="nim">Example <p class="lead" class="nim">Example
http://127.0.0.1:9566/EwAJmwAHwMk7FLK/ http://198.41.128.88:9566/EwAJmwAHwMk7FLK/
<br>Once you access the web portal,use the username and password as above. <br>Once you access the web portal,use the username and password as above.
</p> </p>
</p> </p>
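Review bot: The example URL changes from a loopback address to a routable public address while keeping the same port and the same random web base path (`:9566/EwAJmwAHwMk7FLK/`), which are the only things hiding the panel login. If this is a live server, the page now publishes its admin panel location; use a documentation address such as 192.0.2.1 and a placeholder path instead. The URL is also plain http, so it is worth a sentence telling readers that the username and password entered on this page travel unencrypted unless the panel is put behind TLS or reached over an SSH tunnel. Separately, `<p class="lead" class="nim">` declares class twice; the second attribute is ignored by browsers.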
@ -356,14 +382,22 @@ $ ./v2rayN
</code> </code>
</pre> </pre>
After executing the above command a GUI will popup.
<br> <br>
change route settings (optional) change route settings (optional) within Settings(on top) > Regional Presets Settings > Russia
<br> <br>
<br> <br>
<img src="./russia.png" alt=""> <img src="./russia.png" alt="">
<br> <br>
<br> <br>
Thats it ! <blockquote>
Routing is used when you want to avoid proxy for regional websites.
<br>
(A direct connection without proxy will be made by the clientside app based-off IP or Domain name)
</blockquote>
<p class="lead">
Ex. if we access 1tv.ru, with this setting turned on it will be resolved using our actual IP than our Proxy IP
</p>
</ul> </ul>
</div> </div>
</div><!-- /row --> </div><!-- /row -->
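Review bot: The added example "it will be resolved using our actual IP than our Proxy IP" blurs DNS resolution with the connection itself and leaves out the consequence the reader needs: with the regional preset enabled, connections to matching sites bypass the proxy entirely, so the site and the local ISP see the real IP address and the destination. Suggest rewording to "the connection is made directly from our real IP instead of through the proxy" and stating that tradeoff next to the word "optional". The new `<blockquote>` and `<p class="lead">` are also placed directly inside the `<ul>` just before `</ul>`, which is invalid markup; wrap them in the preceding `<li>` or move them after the list.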
@ -376,7 +410,7 @@ $ ./v2rayN
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Configuration</b></h2> <h2><b>Censorship Evasion technique #1 - Domain Fronting</b></h2>
<br><br> <br><br>
<p> <p>
Setting up a v2ray server alone doesnt bypass any censors(it would be obvious if we push a large amount of traffic),rather we use some methods to make the traffic look geniune. Setting up a v2ray server alone doesnt bypass any censors(it would be obvious if we push a large amount of traffic),rather we use some methods to make the traffic look geniune.
@ -416,8 +450,16 @@ $ ./v2rayN
We can do inbounds to port 443(TLS port) and adjust inbound settings to have <b>Fallback</b> but that requires one to have an inbound config with TCP transport within the panel. We can do inbounds to port 443(TLS port) and adjust inbound settings to have <b>Fallback</b> but that requires one to have an inbound config with TCP transport within the panel.
</blockquote> </blockquote>
TODO: Explain fallback above somewhere or here <p class="lead">
A Fallback is when you want to expose only one standard HTTP/HTTPS port(80,443) to receive inbounds but want to use different protocols like VMESS,Shadowsock... with the same port.
<br>
Fallback Can only be used with TCP/XTLS transport modes.
<br>
</p>
<br><br> <br><br>
Now from Settings >> Now from Settings >>
<img src="./cdn_settings.png"> <img src="./cdn_settings.png">
<br> <br>
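Review bot: The paragraph that replaces the TODO says what a Fallback is for but not how it works: it never explains how the server decides which protocol a connection on the shared port belongs to, or where a connection goes when it matches none of them. One or two sentences on that would make the "TCP/XTLS only" restriction in the next line understandable rather than a bare rule. Minor points in the same lines: "Shadowsock..." should read "Shadowsocks", "Fallback Can" has a stray capital, and the trailing `<br>` before `</p>` adds nothing.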
@ -429,9 +471,9 @@ $ ./v2rayN
<img src="./ws_enabled.png"> <img src="./ws_enabled.png">
<br> <br>
Now lets add VCL for HTTP Connection Upgrade(Since we want to switch to Websocket) Now lets add VCL for HTTP Connection Upgrade(Since we want to switch to Websocket)
<img src="./vcl.png" alt=""> <img src="./vcl.png" width="100%">
<br> <br>
<img src="./upgr.png" alt=""> <img src="./upgr.png" width="100%">
<pre><code class="nim"> <pre><code class="nim">
if (req.http.Upgrade) { if (req.http.Upgrade) {
return (upgrade); return (upgrade);
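Review bot: Both changed `<img>` lines swap `alt=""` for `width="100%"` instead of adding the width, so vcl.png and upgr.png lose their alt attribute entirely. Keep the attribute and give it a short description (for example what the VCL snippet screen shows), since these screenshots carry the configuration steps. The same substitution is made for tor_proxy_settings.png later in this commit.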
@ -448,7 +490,7 @@ return (upgrade);
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Testing Config</b></h2> <h2><b>Clientside Setup</b></h2>
In this section we'll discuss how to connect to the prementioned setup using domain fronting technique. In this section we'll discuss how to connect to the prementioned setup using domain fronting technique.
<ul> <ul>
<li> <li>
@ -477,9 +519,6 @@ return (upgrade);
<br> <br>
<br> <br>
</li> </li>
<li>
<h3><u>Android</u></h3>
<p></p>
</ul> </ul>
<h2><b>Testing Tor</b></h2> <h2><b>Testing Tor</b></h2>
<p> <p>
@ -491,7 +530,7 @@ return (upgrade);
(Proxy port shown in v2ray. (Proxy port shown in v2ray.
So that connection made by tor will go through v2ray server) So that connection made by tor will go through v2ray server)
<img src="./tor_proxy_settings.png" alt=""> <img src="./tor_proxy_settings.png" width="100%">
<br> <br>
<blockquote> <blockquote>
If we were to save it and try to connect <b>it will fail</b>. If we were to save it and try to connect <b>it will fail</b>.
@ -510,6 +549,8 @@ return (upgrade);
<br><br> <br><br>
As you could see, traffic goes to fastly server rather than tor nodes. As you could see, traffic goes to fastly server rather than tor nodes.
<br>(Youre seeing Websocket traffic to and from 192.168.1.2(LAN IP) to a Fastly CDN(Anycast IP)) <br>(Youre seeing Websocket traffic to and from 192.168.1.2(LAN IP) to a Fastly CDN(Anycast IP))
<br>br
<img src="./test_tor.png" width="100%">
</p> </p>
</div> </div>
</div> </div>
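Review bot: The added line `<br>br` will render the literal text "br" on the page; it looks like a mistyped `<br><br>`. The new `<img src="./test_tor.png" width="100%">` below it also has no alt attribute, and since it is the evidence for the "traffic goes to fastly server rather than tor nodes" claim, a one-line caption saying what the capture shows would help readers who cannot see the image.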

Binary file not shown. Size after this commit: 61 KiB

Binary file not shown. Size after this commit: 254 KiB

Binary file not shown. Size after this commit: 698 KiB

Binary file not shown. Size after this commit: 27 KiB

Binary file not shown. Size after this commit: 60 KiB