obfs

package

v0.6.0 Latest Latest Go to latest Published: Aug 11, 2025 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/XLESSGo/XLESS

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func WrapPacketConn(conn net.PacketConn, obfs Obfuscator) net.PacketConn
type DnsObfuscator
- func NewDnsObfuscator(psk []byte) (*DnsObfuscator, error)
- func (o *DnsObfuscator) Deobfuscate(in, out []byte) int
- func (o *DnsObfuscator) Obfuscate(in, out []byte) int
type DtlsObfuscator
- func NewDtlsObfuscator(psk []byte) (*DtlsObfuscator, error)
- func (o *DtlsObfuscator) Deobfuscate(in, out []byte) int
- func (o *DtlsObfuscator) Obfuscate(in, out []byte) int
type Obfuscator
- func NewObfuscatorFromConfig(cfg ObfuscatorConfig) (Obfuscator, error)
type ObfuscatorConfig
type SalamanderObfuscator
- func NewSalamanderObfuscator(psk []byte) (*SalamanderObfuscator, error)
- func (o *SalamanderObfuscator) Deobfuscate(in, out []byte) int
- func (o *SalamanderObfuscator) Obfuscate(in, out []byte) int
type SshObfuscator
- func NewSshObfuscator(psk []byte) (*SshObfuscator, error)
- func (o *SshObfuscator) Deobfuscate(in, out []byte) int
- func (o *SshObfuscator) Obfuscate(in, out []byte) int

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrPSKTooShort = fmt.Errorf("PSK must be at least %d bytes", smPSKMinLen)

Functions ¶

func WrapPacketConn ¶

func WrapPacketConn(conn net.PacketConn, obfs Obfuscator) net.PacketConn

WrapPacketConn enables obfuscation on a net.PacketConn. The obfuscation is transparent to the caller - the n bytes returned by ReadFrom and WriteTo are the number of original bytes, not after obfuscation/deobfuscation.

Types ¶

type DnsObfuscator ¶ added in v0.4.1

type DnsObfuscator struct {
	PSK []byte // Pre-shared key for AES key derivation
	// contains filtered or unexported fields
}

DnsObfuscator is an obfuscator that mimics a DNS A record query. It embeds the encrypted payload into the DNS question section.

func NewDnsObfuscator ¶ added in v0.4.1

func NewDnsObfuscator(psk []byte) (*DnsObfuscator, error)

NewDnsObfuscator creates a new DnsObfuscator instance.

func (*DnsObfuscator) Deobfuscate ¶ added in v0.4.1

func (o *DnsObfuscator) Deobfuscate(in, out []byte) int

Deobfuscate extracts the encrypted payload from a fake DNS query and decrypts it.

func (*DnsObfuscator) Obfuscate ¶ added in v0.4.1

func (o *DnsObfuscator) Obfuscate(in, out []byte) int

Obfuscate wraps the payload in a fake DNS query.

type DtlsObfuscator ¶ added in v0.4.1

type DtlsObfuscator struct {
	PSK []byte
	// contains filtered or unexported fields
}

DtlsObfuscator implements a stateful obfuscator that mimics a simplified DTLS handshake.

func NewDtlsObfuscator ¶ added in v0.4.1

func NewDtlsObfuscator(psk []byte) (*DtlsObfuscator, error)

NewDtlsObfuscator creates a new DtlsObfuscator instance.

func (*DtlsObfuscator) Deobfuscate ¶ added in v0.4.1

func (o *DtlsObfuscator) Deobfuscate(in, out []byte) int

Deobfuscate extracts and decrypts the payload from a fake DTLS packet.

func (*DtlsObfuscator) Obfuscate ¶ added in v0.4.1

func (o *DtlsObfuscator) Obfuscate(in, out []byte) int

Obfuscate wraps the payload in a fake DTLS packet with random padding.

type Obfuscator ¶

type Obfuscator interface {
	Obfuscate(in, out []byte) int
	Deobfuscate(in, out []byte) int
}

Obfuscator is the interface that wraps the Obfuscate and Deobfuscate methods. Both methods return the number of bytes written to out. If a packet is not valid, the methods should return 0.

func NewObfuscatorFromConfig ¶ added in v0.0.1

func NewObfuscatorFromConfig(cfg ObfuscatorConfig) (Obfuscator, error)

NewObfuscatorFromConfig is a factory function that creates and returns an Obfuscator interface instance based on the provided configuration. It centralizes the instantiation logic for different obfuscation protocols.

type ObfuscatorConfig ¶ added in v0.0.1

type ObfuscatorConfig struct {
	Type     string `mapstructure:"type"`     // Type of the obfuscator (e.g., "salamander", "scramble", "chameleon", "stealthflow", "quantumshuffle")
	Password string `mapstructure:"password"` // Pre-shared key/password used by the obfuscator

}

ObfuscatorConfig defines the common configuration structure for all obfuscators. This allows for unified configuration parsing.

type SalamanderObfuscator ¶

type SalamanderObfuscator struct {
	PSK     []byte
	RandSrc *rand.Rand
	// contains filtered or unexported fields
}

SalamanderObfuscator is an obfuscator that obfuscates each packet with the BLAKE2b-256 hash of a pre-shared key combined with a random salt. Packet format: [8-byte salt][payload]

func NewSalamanderObfuscator ¶

func NewSalamanderObfuscator(psk []byte) (*SalamanderObfuscator, error)

func (*SalamanderObfuscator) Deobfuscate ¶

func (o *SalamanderObfuscator) Deobfuscate(in, out []byte) int

func (*SalamanderObfuscator) Obfuscate ¶

func (o *SalamanderObfuscator) Obfuscate(in, out []byte) int

type SshObfuscator ¶ added in v0.4.1

type SshObfuscator struct {
	PSK []byte
	// contains filtered or unexported fields
}

SshObfuscator implements a stateful obfuscator that mimics a simplified SSH handshake.

func NewSshObfuscator ¶ added in v0.4.1

func NewSshObfuscator(psk []byte) (*SshObfuscator, error)

NewSshObfuscator creates a new SshObfuscator instance.

func (*SshObfuscator) Deobfuscate ¶ added in v0.4.1

func (o *SshObfuscator) Deobfuscate(in, out []byte) int

Deobfuscate extracts and decrypts the payload from a fake SSH packet.

func (*SshObfuscator) Obfuscate ¶ added in v0.4.1

func (o *SshObfuscator) Obfuscate(in, out []byte) int

Obfuscate wraps the payload in a fake SSH packet based on the current state.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL