-
Notifications
You must be signed in to change notification settings - Fork 0
/
transport_http_evasion_strategies.sh
executable file
·41 lines (35 loc) · 1.53 KB
/
transport_http_evasion_strategies.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/bin/bash
# Script to run Geneva's transport layer strategies on HTTP requests
# to a censored domain
# Function that will kill the engine running in the background and
# reset iptables
cleanup() {
for session in $(screen -ls | grep -o '[0-9]*\.geneva'); do screen -S "${session}" -X quit; done
iptables -F
iptables -I OUTPUT -p tcp --tcp-flags RST,ACK RST,ACK -d 95.85.96.0/19 -j DROP
iptables -I OUTPUT -p tcp --tcp-flags RST RST -d 95.85.96.0/19 -j DROP
}
# Obtain command line arguments for server's IP address, censored domain,
# server/destination port, and source port.
ip_address=$1
censored_domain=$2
sport=$3
dport=$4
# Create an array of all the strategies to be tested
declare -a strategies=("[TCP:flags:PA]-fragment{tcp:8:True}-| \/" "[TCP:flags:S]-duplicate(,duplicate(tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},),))-| \/" "[TCP:flags:S]-duplicate(tamper{TCP:flags:replace:R},)-| \/")
# Clone the Geneva repository and cd into it
git clone https://github.com/Kkevsterrr/geneva.git
cd geneva
# Iterate through all of the strategies
for i in "${strategies[@]}"
do
echo "Running Strategy:" $i
# Run the Geneva engine in the background for the current strategy
screen -dmS geneva bash -c "python3 engine.py --server-port $dport --strategy \"$i\""
sleep 1
# Execute a curl command to the censored domain via HTTPS
sudo curl --local-port $sport -H "Host: $censored_domain" $ip_address:$dport
sleep 1
# Increment the source port by 1 for the next strategy
sport=$((sport + 1))
done