GreaterFire
commented
5 years ago Try outputting the log to a file using -l flag.
Closed JonathanHouten closed 5 years ago
GreaterFire
commented
5 years ago Try outputting the log to a file using -l flag.
JonathanHouten
commented
5 years ago Try outputting the log to a file using
-lflag.
[2019-03-28 23:43:39] [WARN] trojan service (client) started at 127.0.0.1:1081
[2019-03-28 23:43:54] [INFO] 127.0.0.1:52272 requested connection to www.bing.com:443
[2019-03-28 23:43:54] [INFO] 127.0.0.1:52273 requested connection to tiles.services.mozilla.com:443
[2019-03-28 23:43:55] [INFO] 127.0.0.1:52274 requested connection to www.google.com:443
[2019-03-28 23:43:57] [ERROR] 127.0.0.1:52273 cannot establish connection to remote server cakeisalie.cf:443: 由于目标计算机积极拒绝,无法连接。
[2019-03-28 23:43:57] [INFO] 127.0.0.1:52273 disconnected, 0 bytes received, 517 bytes sent, lasted for 3 seconds
[2019-03-28 23:43:57] [ERROR] 127.0.0.1:52272 cannot establish connection to remote server cakeisalie.cf:443: 由于目标计算机积极拒绝,无法连接。
[2019-03-28 23:43:57] [INFO] 127.0.0.1:52272 disconnected, 0 bytes received, 517 bytes sent, lasted for 3 seconds
[2019-03-28 23:44:02] [ERROR] 127.0.0.1:52274 cannot establish connection to remote server cakeisalie.cf:443: 由于目标计算机积极拒绝,无法连接。
[2019-03-28 23:44:02] [INFO] 127.0.0.1:52274 disconnected, 0 bytes received, 517 bytes sent, lasted for 7 seconds
[2019-03-28 23:44:12] [WARN] got signal: 2
[2019-03-28 23:44:12] [WARN] trojan service stopped
Looks like a firewall misconfiguration. Are you sure on the same machine and network you can access your server through the browser? Also, it's strange that it works on your phone but not on the computer, since they are both the very same program. Try trojan on another computer?
JonathanHouten
commented
5 years ago I tried to disable windows firewall,which not works. I dont have any anti-virous software on my computer.
And I promise it is on the exact same machine and exact same network I can access my server through the broswer.I tried serially.
Today i tried an other network.And the result are the same.I now believe it is my computer's problem,but I just cant locate where it is. It seems trojan works fine in my VM(using nat network)
I will try trojan on an other physical machine later.
Now all of us are confused with trojan.
k79e
commented
5 years ago Viewing 443(ssl port) from http is not allowed. It's sending plain text to ssl port so connection can't be established.
k79e
commented
5 years ago You need to set plain_http_response to make it looks perfect. Get the 400 bad from your web server yourself and make trojan use it when it encounted your situation.
Then your GET sent to tls port which is browser view server port should be look exactly same as webserver's error page.
k79e
commented
5 years ago Hi developer!!! There is a big bug about plain_http_response!!! It only sent raw packet but the packet's Date in http header should be changing every time a client view. e.g
HTTP/1.1 400 Bad Request
Server: nginx/1.16.0
Date: Sun, 23 Jun 2019 05:47:02 GMT
Content-Type: text/html
Content-Length: 255
Connection: close
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.16.0</center>
</body>
</html>Notice the code above the html tag is the http header. The http header contains the time info. If we use this raw packet everytime. The time is never change!!! It's easy to find that it's a fake respond!!!! Because the "Date: xxxxxx" is always same.
So I think trojan should modify the raw packet's Date: to correct value.
HarukaMa
commented
5 years ago @kxmp Why assume HTTPS web servers should return such message when accessed HTTPS port with HTTP?
Just turn it off.
k79e
commented
5 years ago @a-fruity-melon No. It must enabled. Because different web server act differently. You use trojan means you pretend as a web server. Your nginx must not look like apache. And your nginx must not look like github's webserver. Cloudflare is based on nginx and it must not look like apache or other webserver.
e.g You pretend to nginx but your respond is not look like nginx. It's surely something is wrong. Also. Your nginx behaves same as non-nginx server that's also a clue that this server is not same as others.
Also. Nginx's 400 can't be disabled. The nginx also return 400bad if it get a "GET" from 443.
HarukaMa
commented
5 years ago @kxmp Close connection on error 497
k79e
commented
5 years ago @HarukaMa I think what you say is like cipher suit scsv. Why all web browser remove scsv at the end?? It's not necessary but it's a behavior. If your behavior is not same as what you want to pretented. It's a evidence that you are exposed. Others can's sure it's a proxy server but can sure know this server behavior is different from all webserver. Even it's a same server. I think it's not a problem that trojan is designed to close connection when it got other header. But tls application is must not only webserver. e.g Dns overtls. The trojan's aim is to pretend to webserver not a just TLS server. Your tls webserver looks like a dns one. It's surely a funny thing.
trojan 1.10.1 Output:
(Output same under powershell)
I use the typical config on my server there are,i think.
Browser is firefox.Setting are
Server is fully functional. I can connect useing pharos at the same network. Have tried rest winsock. Both server and client had been updater,which didt fix anything.
Additional info: When i use differnet way to connect my server in broswer i get different result.
OuO