Restls Protocol: A Perfect Impersonation of TLS;
A protocol that can disguise your proxy traffic as regular TLS traffic:
- Disguise your proxy server as any TLS server, such as
microsoft.com. - Developed based on utls, Disguise your proxy client as a normal browser.
- Use the
Restls-Scriptprotocol to conceal your proxy behavior and break characteristics such as "TLS in TLS".
- 把你的代理服务器伪装成任何一个TLS服务器,例如
microsoft.com。 - 基于utls开发,把你的代理客户端伪装成一个普通的浏览器。
- 使用Restls「剧本」协议,隐藏你的代理行为,破坏"TLS in TLS"等特征。
Hide Your Proxy Traffic Behavior
"TLS in TLS" and other proxy-specific traffic behaviors can be used to identify TLS-based protocols. A typical "TLS in TLS" connection is shown in the following diagram:
"TLS in TLS"等代理特有流量行为可以被用来识别基于TLS的协议,一个典型的"TLS in TLS"连接如图所示:
Restls disrupts these obvious proxy behavior
characteristics through the use of "restls-scripts". The following
diagram shows Restls traffic disguised using restls-scripts:
Restls通过「剧本」机制来破坏这些明显的代理行为特征,下图为使用「剧本」伪装后的Restls流量:
If you want to learn more about how restls-scripts work and how to design your own, please refer to: Restls-Script: Hide Your Proxy Traffic Behavior
如果你想了解更多关于「剧本」是如何运作的,以及如何设计自己的「剧本」,请参考:Restls-Script: 隐藏你的代理行为
Usage
Download the latest release
Or build it from source:
cargo build --release
Basic usage:
USAGE:
restls --forward-to <forward-to> --listen <listen> --log-level <log-level> --password <password> --server-hostname <server-hostname> --script <script>
To deploy a Restls Service:
- Start the shadowsocks server:
ss-server -s 127.0.0.1 -p 8888 -k [YOUR_SS_PASSWORD]
restls -s "www.microsoft.com" -l "0.0.0.0:443" -p [YOUR_RESTLS_PASSWORD] -f "127.0.0.1:8888" --script "200?100,400?100,1200?200<1,1100~300,1000~100<1,2500~500,1300~50,1300~50,100~1200"
restls -s "vscode.dev" -l "0.0.0.0:443" -p [YOUR_RESTLS_PASSWORD] -f "127.0.0.1:8888" --script "200?100,400?100,1200?200<1,1100~300,1000~100<1,2500~500,1300~50,1300~50,100~1200"
- name: restls-tls13
type: ss
server: [YOUR_SERVER_IP]
port: 443
cipher: chacha20-ietf-poly1305
password: [YOUR_SS_PASSWORD]
plugin: restls
plugin-opts:
host: "www.microsoft.com" # Must be a TLS 1.3 server
password: [YOUR_RESTLS_PASSWORD]
version-hint: "tls13"
client-id: chrome # One of: chrome, ios, firefox or safari
- name: restls-tls12
type: ss
server: [YOUR_SERVER_IP]
port: 443
cipher: chacha20-ietf-poly1305
password: [YOUR_SS_PASSWORD]
plugin: restls
plugin-opts:
host: "vscode.dev" # Must be a TLS 1.2 server
password: [YOUR_RESTLS_PASSWORD]
version-hint: "tls12"
client-id: firefox # One of: chrome, ios, firefox or safari from https://github.com/3andne/restls ---------restls-client-go
This is the core client side library that powers the restls protocol. It is based on the refraction-networking/utls and has been modified to provide ClientHello fingerprinting resistance for Restls. It is able to parrot four types of TLS clients:
ioschromesafarifirefox
Credits
restls-client-go is developed based on refraction-networking/utls.
from https://github.com/3andne/restls-client-go
(https://github.com/3andne/restls-client-go/releases)
No comments:
Post a Comment