Skip to content

edwardz246003/shadowsocks

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
README.md
 
 
Redirect attack on Shadowsocks stream ciphers.pdf
 
 
attack2_with_https_pocket.py
 
 
attack_with_http_pocket.py
 
 
Redirect attack on Shadowsocks stream ciphers Vulnerable versions Suggestions Credit Timeline

README.md

Redirect attack on Shadowsocks stream ciphers

Shadowsocks is a secure split proxy loosely based on SOCKS5. It’s widely used in china. I found a vulnerability in shadowsocks protocol which break the confidentiality of shadowsocks stream cipher. A passive attacker can easily decrypt all the encrypted shadowsocks packet using our redirect attack. Even more, a man-in-the-middle attacker can modify traffic in real time like there is no encryption at all.

Details of the attack can be found in the pdf. And a POC can be found in the python code.

Vulnerable versions

shadowsocks-py, shadowsocoks-go, shadowsocoks-nodejs

Suggestions

Do not use : shadowsocks-py, shadowsocoks-go, shadowsocoks-nodejs.

Only Use: shadowsocks-libev, go-shadowsocks2 and only use the AEAD ciphers

Credit

Zhiniang Peng (@edwardzpeng) of Qihoo 360 Core Security

Timeline

28/12/2018: Vulnerability found

26/01/2019: Technique details upload

26/03/2019: POC upload

12/02/2020: Published

About

Redirect attack on Shadowsocks stream ciphers

Resources

Readme

Stars

385 stars

Watchers

13 watching

Forks

72 forks

Releases

No releases published

Packages

No packages published

Languages