DuckSoft/trojan-insecure-killer.go

## trojan-insecure-killer.go
// Licensed under WTFPL

package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"log"
	"math/big"
	"net"
	"time"
)

func main() {
	// generate cert
	pub, priv := generateSelfSignedCertificates()

	// load cert
	cert, e := tls.X509KeyPair(pub.Bytes(), priv.Bytes())
	if e != nil {
		panic(e)
	}

	// listen local
	listener, e := net.Listen("tcp4", ":4433")
	if e != nil {
		panic(e)
	}

	// construct tls config
	tlsConfig := tls.Config{
		Certificates: []tls.Certificate{cert},
		Rand: rand.Reader,
		InsecureSkipVerify: true,
	}

	// event loop
	for {
		conn, e := listener.Accept()
		if e != nil {
			continue
		}

		go func(conn net.Conn) {
			defer conn.Close()

			tlsConn := tls.Server(conn, &tlsConfig)
			if e = tlsConn.Handshake(); e != nil {
				return
			}

			buf := make([]byte, 4096)
			nSize, e := tlsConn.Read(buf)
			if e != nil {
				return
			}

			log.Printf("Trojan Packet Intercepted: %s", string(buf[:nSize]))
		}(conn)
	}
}

func generateSelfSignedCertificates() (pubCert *bytes.Buffer, privCert *bytes.Buffer){
	// generate a self-signed certificate.
	keyring, e := rsa.GenerateKey(rand.Reader, 2048)
	if e != nil {
		panic(e)
	}

	template := x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject: pkix.Name{
			Organization: []string{"Qv2ray & Alice & Bob"},
		},
		NotBefore: time.Now(),
		NotAfter: time.Now().Add(time.Hour * 24 * 90),
		KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
	}

	derBytes, e := x509.CreateCertificate(rand.Reader, &template, &template, &keyring.PublicKey, keyring)
	if e != nil {
		panic(e)
	}

	pubCert = &bytes.Buffer{}
	e = pem.Encode(pubCert, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
	if e != nil {
		panic(e)
	}

	privCert = &bytes.Buffer{}
	e = pem.Encode(privCert, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(keyring)})
	if e != nil {
		panic(e)
	}

	return
}
	// Licensed under WTFPL

	package main

	import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"log"
	"math/big"
	"net"
	"time"
	)

	func main() {
	// generate cert
	pub, priv := generateSelfSignedCertificates()

	// load cert
	cert, e := tls.X509KeyPair(pub.Bytes(), priv.Bytes())
	if e != nil {
	panic(e)
	}

	// listen local
	listener, e := net.Listen("tcp4", ":4433")
	if e != nil {
	panic(e)
	}

	// construct tls config
	tlsConfig := tls.Config{
	Certificates: []tls.Certificate{cert},
	Rand: rand.Reader,
	InsecureSkipVerify: true,
	}

	// event loop
	for {
	conn, e := listener.Accept()
	if e != nil {
	continue
	}

	go func(conn net.Conn) {
	defer conn.Close()

	tlsConn := tls.Server(conn, &tlsConfig)
	if e = tlsConn.Handshake(); e != nil {
	return
	}

	buf := make([]byte, 4096)
	nSize, e := tlsConn.Read(buf)
	if e != nil {
	return
	}

	log.Printf("Trojan Packet Intercepted: %s", string(buf[:nSize]))
	}(conn)
	}
	}

	func generateSelfSignedCertificates() (pubCert bytes.Buffer, privCert bytes.Buffer){
	// generate a self-signed certificate.
	keyring, e := rsa.GenerateKey(rand.Reader, 2048)
	if e != nil {
	panic(e)
	}

	template := x509.Certificate{
	SerialNumber: big.NewInt(1),
	Subject: pkix.Name{
	Organization: []string{"Qv2ray & Alice & Bob"},
	},
	NotBefore: time.Now(),
	NotAfter: time.Now().Add(time.Hour * 24 * 90),
	KeyUsage: x509.KeyUsageKeyEncipherment \| x509.KeyUsageDigitalSignature,
	ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	BasicConstraintsValid: true,
	}

	derBytes, e := x509.CreateCertificate(rand.Reader, &template, &template, &keyring.PublicKey, keyring)
	if e != nil {
	panic(e)
	}

	pubCert = &bytes.Buffer{}
	e = pem.Encode(pubCert, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
	if e != nil {
	panic(e)
	}

	privCert = &bytes.Buffer{}
	e = pem.Encode(privCert, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(keyring)})
	if e != nil {
	panic(e)
	}

	return
	}