246 lines
6.8 KiB
Markdown
246 lines
6.8 KiB
Markdown
# 【M22项目】VPN特征提取-何勇
|
||
|
||
| ID | Creation Date | Assignee | Status |
|
||
|----|----------------|----------|--------|
|
||
| OSS-380 | 2024-09-23T16:17:33.000+0800 | 何勇 | 处理中 |
|
||
|
||
|
||
---
|
||
|
||
1、VPN信息表:[https://docs.geedge.net/display/TSGEN/M22-VPN+List]
|
||
|
||
2、序号:168、 171、 176、 177、 179、 181、 182、 183、 185
|
||
|
||
3、分析过程、结果同步到:[https://docs.geedge.net/pages/viewpage.action?pageId=129101971]**heyong** commented on *2024-09-26T14:08:02.964+0800*:
|
||
|
||
2024/09/25 完成Apk逆向代码中全部IP地址及URL字符串提取,部分有API文档及github上开源代码的分析。寻找可能存在的特征。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-09-26T23:21:09.775+0800*:
|
||
|
||
完成初始特征配置 对VPN官网及下载路径进行添加
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-10T21:22:50.815+0800*:
|
||
|
||
完成app首次安装及启动连接过程中的https代理解析,获取http内容
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-16T21:06:55.991+0800*:
|
||
|
||
Snap VPN 自动化封堵代码部署到XXG,目前已完成42个服务器IP获取 穿透率低于10%,自动化程序仍在继续运行,直到24小时穿透率为0,
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-18T00:10:02.981+0800*:
|
||
|
||
Snap VPN 自动化封堵 测试拨测1276次,获取服务器IP 65个,连续拨测4小时140次 未穿透。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-19T12:53:24.498+0800*:
|
||
|
||
SliceVPN 使用 单跳服务器ServerIP 与多跳服务器fqdn 安卓模拟器 连续拨测10小时 200次 未穿透
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-20T13:15:45.336+0800*:
|
||
|
||
SuperNetVPN 单跳VPN 安卓模拟器使用自动化拨测工具获取服务器IP共计16个,自动拨测8小时 400 次 未穿透
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-21T22:26:33.095+0800*:
|
||
|
||
SuperSpeedVPNProxy XXG环境自动化拨测 单跳服务器,共计获取IP 84 个 拨测两小时 未穿透,封堵后界面显示连接成功 但是无法连接任何网络。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-23T13:15:37.051+0800*:
|
||
|
||
SuperVPN XXG环境自动化拨测,采用opencv图片比对功能,交叉验证及未知广告超时退出机制,自动化关闭广告。
|
||
|
||
单跳服务器,目前共计获取IP 274 个 尚未完成封堵、自动化程序持续运行。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-27T18:37:18.698+0800*:
|
||
|
||
StartVPN 使用http代理解析获取到api.vpnstart.net 一个api及8个服务器节点IP,但是这个vpn无法正常使用,物理机、模拟器、埃塞、XXG环境在没有策略条件下均无法连接使用。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-10-27T18:38:27.666+0800*:
|
||
|
||
SuperVPN XXG环境自动化拨测,采用opencv图片比对功能,交叉验证及未知广告超时退出机制,自动化关闭广告。
|
||
|
||
单跳服务器,目前共计获取IP 1600 个 尚未完成封堵、自动化程序持续运行。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-11-08T14:12:53.682+0800*:
|
||
|
||
StarkVPNReloaded 尝试多种模拟器均无法启动,使用物理机 自动化捕包,E21-Demo环境封堵测试,提取3个FQDN特征,拨测12小时 未穿透,安卓系统能够完成封堵。
|
||
|
||
|
||
|
||
---
|
||
|
||
**heyong** commented on *2024-11-18T15:02:58.847+0800*:
|
||
|
||
SuperVPN XXG环境自动化拨测,采用opencv图片比对功能,交叉验证及未知广告超时退出机制,自动化关闭广告。已累计拨测17554次,累计获取服务器共计4073个,24小时阻断率94%,继续运行自动测试程序获取服务器IP。
|
||
|
||
|
||
|
||
---
|
||
|
||
|
||
|
||
# Attachments
|
||
|
||
Attachment: M22VPN.xlsx
|
||
|
||
[M22VPN.xlsx](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/65599/M22VPN.xlsx)
|
||
|
||
|
||
|
||
Attachment: SliceVPN_20241017.png
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: SliceVPN_20241118.json
|
||
|
||
[SliceVPN_20241118.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66233/SliceVPN_20241118.json)
|
||
|
||
|
||
|
||
Attachment: SliceVPN_https解析.json
|
||
|
||
[SliceVPN_https解析.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63694/SliceVPN_https解析.json)
|
||
|
||
|
||
|
||
Attachment: SliceVPN.png
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: SnapVPN_20241018.json
|
||
|
||
[SnapVPN_20241018.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63533/SnapVPN_20241018.json)
|
||
|
||
|
||
|
||
Attachment: SnapVPN_20241118-1.json
|
||
|
||
[SnapVPN_20241118-1.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66234/SnapVPN_20241118-1.json)
|
||
|
||
|
||
|
||
Attachment: SnapVPN_https解析.json
|
||
|
||
[SnapVPN_https解析.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63696/SnapVPN_https解析.json)
|
||
|
||
|
||
|
||
Attachment: StarkVPNReloaded_20241108.png
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: StartVPN_20240926.json
|
||
|
||
[StartVPN_20240926.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63361/StartVPN_20240926.json)
|
||
|
||
|
||
|
||
Attachment: StartVPN_20241118.json
|
||
|
||
[StartVPN_20241118.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66230/StartVPN_20241118.json)
|
||
|
||
|
||
|
||
Attachment: StartVPN_https解析.json
|
||
|
||
[StartVPN_https解析.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63695/StartVPN_https解析.json)
|
||
|
||
|
||
|
||
Attachment: SuperNetVPN_20241020.jpg
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: SuperNetVPN_20241118.json
|
||
|
||
[SuperNetVPN_20241118.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66236/SuperNetVPN_20241118.json)
|
||
|
||
|
||
|
||
Attachment: SuperNetVPN_https解析.json
|
||
|
||
[SuperNetVPN_https解析.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63698/SuperNetVPN_https解析.json)
|
||
|
||
|
||
|
||
Attachment: SuperSpeedVPNProxy_20241021.jpg
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: SuperSpeedVPNProxy_20241118.json
|
||
|
||
[SuperSpeedVPNProxy_20241118.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66237/SuperSpeedVPNProxy_20241118.json)
|
||
|
||
|
||
|
||
Attachment: SuperSpeedVPNProxy_https解析.json
|
||
|
||
[SuperSpeedVPNProxy_https解析.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/63697/SuperSpeedVPNProxy_https解析.json)
|
||
|
||
|
||
|
||
Attachment: SuperVPN_20241024.jpg
|
||
|
||
|
||
|
||
|
||
|
||
Attachment: SuperVPN_20241118.json
|
||
|
||
[SuperVPN_20241118.json](https://gfwleak.exec.li/admin/geedge-jira/raw/branch/master/attachment/66238/SuperVPN_20241118.json)
|
||
|
||
|
||
|