this post was submitted on 30 Nov 2023
428 points (93.9% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
719 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
umm, I got confused. Let tell you exactly about the use case. so on a site like this " https://sshocean.com/ssh-ssl " I create an account, and I get something like this: where do I insert this payload (what client for windows or Ubuntu)? and how do I insert the desired SNI that I want to be in front of my ISP? I know of http injector with whom the trick works on android, I mean ssh/ssl stunnel.
In your .ssh/config you want something like:
Host my-ssh-ssl Hostname us01.ssh0.net User sshocean-p1r4t2br Password myparrot2 Port 443 ProxyCommand ~/.ssh/https-tunnel.sh %h %p
Then you have a ~/.ssh/https-tunnel.sh something like:
#!/usr/bin/env bash { printf "GET /HTTP/1.1\r\nHost:$1\r\nUpgrade:websocket\r\n"; cat } | openssl s_client -connect $1:$2 -servername $1
That last bit, -servername is the SNI bit, if you need it. BUT I think that payload might be for port 2083. I think 443 might be just the OpenSSL connect directly.
then I initiate this using stunnel from terminal ?(Ubuntu OS)
No, stunnel is go othere end. If you doing only the client end, you.don't need it.