-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathREADME
45 lines (30 loc) · 1.13 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
LINKS
- https://github.com/v2fly/v2ray-core/issues/2054
- https://www.youtube.com/watch?v=k6VrXFEozPM
REQUIRES
- Linux operating system
- C++ 20 compiler
- 48 GiB RAM
- 48 GiB disk space
- vulnerable V2Ray version (<= 5.1.0)
RUN STEPS
1. install dependencies
$ sudo apt install libpcap-dev
2. build this program
$ g++ -std=gnu++20 -O2 -o vmess-identify-poc main.cpp -lpcap -pthread
3. build lookup table (takes about tens of minutes to several hours)
$ ./vmess-identify-poc generate
4. (optional) warm up lookup table
$ cat patterns.dat > /dev/null
5. (optional) turn off segmentation offload
$ sudo ethtool -K <network interface> gso off gro off tso off
6. start analyzing network traffic
$ sudo tcpdump -i <network interface> -U -w - | ./vmess-identify-poc
7. start you v2ray client and server (in another terminal)
$ v2ray run -c <config file>
NOTES
1. Need to capture all packets sent by v2ray, so you need to start tcpdump
first, and then (re-)start the v2ray.
2. Only Ethernet Caputre and IPv4 supported. Linux Cooked Capture is NOT
supported. IPv6 is NOT supported.
3. Precision is almost 100%, but recall is not.