<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Proxy on Lutong's Homepage</title><link>https://www.elliot98.top/tags/proxy/</link><description>Recent content in Proxy on Lutong's Homepage</description><generator>Hugo</generator><language>zh-cn</language><lastBuildDate>Fri, 03 Feb 2023 11:39:33 +0800</lastBuildDate><atom:link href="https://www.elliot98.top/tags/proxy/index.xml" rel="self" type="application/rss+xml"/><item><title>Wicklight protocol design</title><link>https://www.elliot98.top/post/tech/wicklight/</link><pubDate>Fri, 03 Feb 2023 11:39:33 +0800</pubDate><guid>https://www.elliot98.top/post/tech/wicklight/</guid><description>&lt;h1 id="wicklight-protocol-design"&gt;Wicklight protocol design&lt;/h1&gt;
&lt;h2 id="abstract"&gt;Abstract&lt;/h2&gt;
&lt;p&gt;This document specifies Wicklight protocol. Wicklight is a common HTTP(s) proxy with probe-resistant.&lt;/p&gt;
&lt;h2 id="copyright-notice"&gt;Copyright Notice&lt;/h2&gt;
&lt;p&gt;Copyright (c) 2023 Elliot Chen. All rights reserved.&lt;/p&gt;
&lt;h2 id="1-introduction"&gt;1. Introduction&lt;/h2&gt;
&lt;p&gt;Wicklight should also be Probe-Resistance and Traffic-Analysis-Resistance. It also supports UDP proxy with an additional client.&lt;/p&gt;
&lt;h3 id="11-conventions-and-terminology"&gt;1.1. Conventions and Terminology&lt;/h3&gt;
&lt;p&gt;The key words &amp;ldquo;MUST&amp;rdquo;, &amp;ldquo;MUST NOT&amp;rdquo;, &amp;ldquo;REQUIRED&amp;rdquo;, &amp;ldquo;SHALL&amp;rdquo;, &amp;ldquo;SHALL NOT&amp;rdquo;,
&amp;ldquo;SHOULD&amp;rdquo;, &amp;ldquo;SHOULD NOT&amp;rdquo;, &amp;ldquo;RECOMMENDED&amp;rdquo;, &amp;ldquo;NOT RECOMMENDED&amp;rdquo;, &amp;ldquo;MAY&amp;rdquo;, and
&amp;ldquo;OPTIONAL&amp;rdquo; in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.&lt;/p&gt;</description></item><item><title>Wicktls protocol design</title><link>https://www.elliot98.top/post/tech/wicktls/</link><pubDate>Tue, 10 Jan 2023 15:19:59 +0800</pubDate><guid>https://www.elliot98.top/post/tech/wicktls/</guid><description>&lt;h1 id="wicktls-protocol-design"&gt;Wicktls protocol design&lt;/h1&gt;
&lt;h2 id="abstract"&gt;Abstract&lt;/h2&gt;
&lt;p&gt;This document specifies Wicktls protocol. Wicktls allows building
a tunnel based on an SSL/TLS connection with strong traffic reshaping.&lt;/p&gt;
&lt;h2 id="copyright-notice"&gt;Copyright Notice&lt;/h2&gt;
&lt;p&gt;Copyright (c) 2022 Elliot Chen. All rights reserved.&lt;/p&gt;
&lt;h2 id="1-introduction"&gt;1. Introduction&lt;/h2&gt;
&lt;p&gt;The primary goal of Wicktls is to build a security tunnel based on
an SSL/TLS connection. It should also be Probe-Resistance and
Traffic-Analysis-Resistance.&lt;/p&gt;
&lt;h3 id="11--conventions-and-terminology"&gt;1.1. Conventions and Terminology&lt;/h3&gt;
&lt;p&gt;The key words &amp;ldquo;MUST&amp;rdquo;, &amp;ldquo;MUST NOT&amp;rdquo;, &amp;ldquo;REQUIRED&amp;rdquo;, &amp;ldquo;SHALL&amp;rdquo;, &amp;ldquo;SHALL NOT&amp;rdquo;,
&amp;ldquo;SHOULD&amp;rdquo;, &amp;ldquo;SHOULD NOT&amp;rdquo;, &amp;ldquo;RECOMMENDED&amp;rdquo;, &amp;ldquo;NOT RECOMMENDED&amp;rdquo;, &amp;ldquo;MAY&amp;rdquo;, and
&amp;ldquo;OPTIONAL&amp;rdquo; in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.&lt;/p&gt;</description></item><item><title>论文笔记| On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways</title><link>https://www.elliot98.top/post/lab/ndss2020-2/</link><pubDate>Sun, 15 Mar 2020 21:26:28 +0800</pubDate><guid>https://www.elliot98.top/post/lab/ndss2020-2/</guid><description>&lt;ul&gt;
&lt;li&gt;Teemu Rytilahti et al.&lt;/li&gt;
&lt;li&gt;Ruhr University Bochum&lt;/li&gt;
&lt;li&gt;NDSS 2020&lt;/li&gt;
&lt;/ul&gt;
&lt;h1 id="背景"&gt;背景&lt;/h1&gt;
&lt;p&gt;网络扫描是一种互联网上的普遍攻击手段。由于 NAT 协议的使用，使得很多设备无法被扫描到。但是许多设备需要使用端对端协议，因此使用了各种NAT穿透手段。这些代理手段安全性不足可能导致攻击的发生。&lt;/p&gt;
&lt;h1 id="contribution"&gt;Contribution&lt;/h1&gt;
&lt;ul&gt;
&lt;li&gt;建立不同的方法扫描和分析网络请求。&lt;/li&gt;
&lt;li&gt;分析持久性NAT传统协议及其不足：UPnP IGD and NAT-PMP/PCP&lt;/li&gt;
&lt;li&gt;分许临时性NAT穿透协议及其不足：Socks以及HTTP代理&lt;/li&gt;
&lt;/ul&gt;
&lt;h1 id="nat-穿透协议分析"&gt;NAT 穿透协议分析&lt;/h1&gt;
&lt;h2 id="upnp"&gt;UPNP&lt;/h2&gt;
&lt;ol&gt;
&lt;li&gt;首先通过互联网发送构造的SSDP消息找到暴露在公网中的接入点。&lt;/li&gt;
&lt;li&gt;通过接入点获取端口映射信息&lt;/li&gt;
&lt;li&gt;也可以通过接口建立新的端口转发关系来绕过 NAT&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;目前发生已有攻击的迹象，并构造蜜罐来明确攻击途径。&lt;/p&gt;
&lt;h2 id="nat-pmp-and-pcp"&gt;NAT-PMP AND PCP&lt;/h2&gt;
&lt;p&gt;NAT-PMP 提供了查询网关外部地址、建立新映射的功能。PCP是其继任者，提供了IPv6和外部映射的功能。但是这个协议不提供直接查询已有端口映射的接口。&lt;/p&gt;
&lt;p&gt;尽管发现了部分服务被暴露在了公网，但是大部分都提示无认证、并无法进行下一步攻击。&lt;/p&gt;
&lt;h1 id="proxy-分析"&gt;Proxy 分析&lt;/h1&gt;
&lt;p&gt;文章的第二个工作点非常明朗，就是HTTP/SOCKS代理有没有配置漏洞，导致可以代理到本地的服务。发现 3% 的开放代理中有 23% 存在此漏洞。&lt;/p&gt;</description></item></channel></rss>