Skip to content

SNI Injecting tool for free internet (HTTP Injector)

Notifications You must be signed in to change notification settings

tiagovla/sni-injector

Repository files navigation

ssh-ssl-http-injector

http ssl ssh tunneling socks5 proxy
working on

windows, macos, linux


What is a SNI?

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.This allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate Read more

Here's a screenshot of Wireshark while I'm attempting to connect to zoom.us via https. ssl.handshake.sni As you can see, I applied the ssl.handshake.extensions server name=zoom.us filter to wrieshark to filter ssl handshakes where sni is zoom.us.

What is a SNI BUG Host

SNI bug hosts can be in various forms. They can be a packet host, a free CDN host, government portals, zero-rated websites, social media (subscription), and a variety of other sites. They also do a fantastic job of getting over your Internet service provider's firewall.

If you have a subscription to zoom.us and want to visit Zoom, your ISP's firewall will scan every time your SSL handshake to determine if the SNI is "zoom.us", and if it does, the firewall will enable you to keep that connection free fo charge. When you have a subscription to access internet, this is what happens.

What if we can modify our SNI and gain access to different sites? Yes! we can. However, SNI verification will fail, and the connection will be terminated by host. And We also have the option of our own SSL connection and use a proxy through it access the internet. Here's a simple diagram showing how it's done. option

how to use

  1. Add your SNI host and ssh host to settings.ini


  2. image

  3. Run python script. python3 tunnel.py

  4. Run ssh command.

    ssh -C -o "ProxyCommand=nc -X CONNECT -x 127.0.0.1:9092 %h %p" username@host -p 443 -CND 1080 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
    or
    sshpass -p password ssh -C -o "ProxyCommand=nc -X CONNECT -x 127.0.0.1:9092 %h %p" username@1host -p 443 -v -CND 1080 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null

  5. Add socks5 proxy and Enjoy!
    host: 127.0.0.1
    port: 1080

About

SNI Injecting tool for free internet (HTTP Injector)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 92.2%
  • Shell 7.8%