Open Iorpim opened 2 years ago
The stack trace points to line 278. The problem is the lack of a check for a negative result from the strings.Index call in line 277: if the message doesn't have the string "host:" in it, this function call returns -1, which causes the out of range error in the next line.
I'll submit a small PR to address this later.
The current SNI censorship bypass for non-TLS HTTP relies on checking if the first byte received is an alphabetic ASCII character (server.go#L266); however, this breaks the connection handling if the message is in simple ASCII and it isn't HTTP.
How to replicate: Simply send a packet containing a simple ASCII string through the SOCKS proxy.
Example:
nc -klvp 8080
And in another terminal:
echo "Test" | proxychains nc -v 127.0.0.1 8080
This results in a slice bounds out of range error.
Improving protocol detection, or simply assuming it isn't HTTP if an error is received during the detection segment, should fix it.
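
One way to apply the fix suggested above, as an added example that is not part of the original issue or the project's code: every strings.Index result is checked before it is used as a slice bound, and anything that does not parse as an HTTP request with a Host header is reported as "not HTTP" instead of panicking. The helper names hostFromHTTP and isASCIILetter and the sample inputs are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"strings"
)

func isASCIILetter(b byte) bool {
	return (b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z')
}

// hostFromHTTP (hypothetical helper) returns the Host header value found in the
// first bytes of a connection. ok is false when the data is not an HTTP request
// carrying a Host header, so the caller can treat it as an opaque stream.
func hostFromHTTP(data []byte) (host string, ok bool) {
	if len(data) == 0 || !isASCIILetter(data[0]) {
		return "", false // e.g. a TLS record (0x16) or an empty read
	}
	rest := string(data)
	for {
		eol := strings.Index(rest, "\r\n")
		if eol < 0 {
			// No complete line left: Index returned -1, so never slice with it.
			return "", false
		}
		line := rest[:eol]
		rest = rest[eol+2:]
		if line == "" {
			return "", false // blank line: headers ended without a Host header
		}
		if len(line) >= 5 && strings.EqualFold(line[:5], "host:") {
			host = strings.TrimSpace(line[5:])
			return host, host != ""
		}
	}
}

func main() {
	// Constructed sample inputs: the plain ASCII string from the report,
	// a minimal HTTP request, and the first byte of a TLS record.
	samples := []string{
		"Test\n",
		"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n",
		"\x16\x03\x01",
	}
	for _, s := range samples {
		host, ok := hostFromHTTP([]byte(s))
		fmt.Printf("%q -> host=%q http=%v\n", s, host, ok)
	}
}
```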