Hacker News

tomsonj today at 2:46 AM

chisel is a similar tool in this space https://github.com/jpillora/chisel

I don’t get why headers and requests need to be spoofed if all traffic is over https?


Replies

mhio today at 3:30 AM

The headers are seen by the monster-in-the-middle CDN.

It's obfuscation at best. I'm not sure the encrypted traffic will look particularly php-ish for example. Compressed formats might look vaguely passable.

I can't see any steganography code or libraries in the repo.

coretx today at 4:58 AM

Because SNI. Also, State (sponsored) Actors are certificate authorities. HTTPS is the biggest scam in internet history. https://en.wikipedia.org/wiki/Server_Name_Indication

duskwuff today at 5:22 AM

> I don’t get why headers and requests need to be spoofed if all traffic is over https?

Because the traffic is to a CDN endpoint (like Cloudflare) which expects it to be an HTTP message.

Titan2189 today at 3:01 AM

> I don’t get why headers and requests need to be spoofed if all traffic is over https?

https://en.wikipedia.org/wiki/Deep_packet_inspection
