#SS数据备忘
备忘笔记,任何错误均不负责。
- 明文内容
- 密文内容
- 通讯模型
##明文 SS 的明文数据结构上类似 socks5 协议中描述的数据结构。但是更加简单。SS省略了 socks5 的握手环节。客户端直接把要发的 TCP 包内容写给了服务器。
@echo off | |
rem disbale proxy | |
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f | |
rem enable proxy | |
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1 /f | |
rem set proxy | |
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /t REG_SZ /d 127.0.0.1:8081 /f |
var Util = require('util'); | |
var Https = require('https'); | |
var Tls = require('tls'); | |
/** | |
* HTTPS Agent for node.js HTTPS requests via a proxy. | |
* blog.vanamco.com/connecting-via-proxy-node-js/ | |
*/ | |
function HttpsProxyAgent(options) | |
{ |
#SS数据备忘
备忘笔记,任何错误均不负责。
##明文 SS 的明文数据结构上类似 socks5 协议中描述的数据结构。但是更加简单。SS省略了 socks5 的握手环节。客户端直接把要发的 TCP 包内容写给了服务器。
# Rules for transparent proxying | |
iptables -N NO_PROXY -t nat | |
iptables -A NO_PROXY -t nat -d 0.0.0.0/8 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 10.0.0.0/8 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 127.0.0.0/8 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 169.254.0.0/16 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 172.16.0.0/12 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 192.168.0.0/16 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 224.0.0.0/4 -j ACCEPT | |
iptables -A NO_PROXY -t nat -d 240.0.0.0/4 -j ACCEPT |
#check your own ports .
sudo netstat -tupln
#How To Scan Ports with Nmap
#Nmap can reveal a lot of information about a host. It can also make system administrators of the target system think that someone has malicious intent. For this reason, only test it on servers that you own or in situations where you've notified the owners.
#The nmap creators actually provide a test server located at:
#scanme.nmap.org
##TCP FLAGS##
TCPDUMP FLAGS
Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere) Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere) Pester = PSH = [P] (Push Data) Real = RST = [R] (Reset Connection) Security = SYN = [S] (Start Connection)
L1 cache reference 0.5 ns | |
Branch mispredict 5 ns | |
L2 cache reference 7 ns 14x L1 cache | |
Mutex lock/unlock 25 ns | |
Main memory reference 100 ns 20x L2 cache, 200x L1 cache | |
Compress 1K bytes with Zippy 3,000 ns | |
Send 1K bytes over 1 Gbps network 10,000 ns 0.01 ms | |
Read 1 MB sequentially from memory 250,000 ns 0.25 ms | |
Round trip within same datacenter 500,000 ns 0.5 ms | |
Read 1 MB sequentially from SSD 1,000,000 ns 1 ms 4X memory |
Dockerized: V2ray + WebSocket + TLS + Web
also see: https://toutyrater.github.io/advanced/wss_and_web.html
Server side sontents:
Client side contents: