(github.com)

157 points josephscott | 2 comments | 20 Nov 24 22:49 UTC | HN request time: 0.463s | source

Show context

tomsonj ◴[21 Nov 24 02:46 UTC] No.42200584[source]▶

>>42198954 (OP) #

chisel is a similar tool in this space https://github.com/jpillora/chisel

I don’t get why headers and requests need to be spoofed if all traffic is over https?

replies(4): >>42200669 #>>42200828 #>>42201273 #>>42201386 #

1. mhio ◴[21 Nov 24 03:30 UTC] No.42200828[source]▶

>>42200584 #

The headers are seen by the monster-in-the-middle CDN.

It's obfuscation at best. I'm not sure the encrypted traffic will look particularly php-ish for example. Compressed formats might look vaguely passable.

I can't see any stenography code or libraries in the repo.

replies(1): >>42205903 #

2. tomsonj ◴[21 Nov 24 16:25 UTC] No.42205903[source]▶

>>42200828 (TP) #

yeah if the CDN is not trusted this tool won’t help but then little would

↑

Doxx/Darkflare: DarkFlare TCPoCDN (TCP over CDN)