### Install Python Dependencies (Python) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/intro/setup.rst Installs Python project dependencies listed in the requirements.txt file using pip for Python 3. ```python # python3 -m pip install -r requirements.txt ``` -------------------------------- ### Build Geneva Base Docker Container (Bash) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/intro/setup.rst Builds the Docker base image for Geneva, tagged as 'base:latest', using the provided Dockerfile located in the 'docker/' directory. ```bash docker build -t base:latest -f docker/Dockerfile . ``` -------------------------------- ### Run Geneva Base Docker Container (Bash) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/intro/setup.rst Runs the Geneva base Docker container interactively, allowing for manual inspection and exploration of the image's environment. ```bash docker run -it base ``` -------------------------------- ### Install Netfilterqueue Dependencies (Bash) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/intro/setup.rst Installs essential build tools, Python development headers, netfilterqueue library, FFI, SSL, iptables, and Python 3 pip for Geneva on Debian-based systems. ```bash # sudo apt-get install build-essential python-dev libnetfilter-queue-dev libffi-dev libssl-dev iptables python3-pip ``` -------------------------------- ### Geneva Strategy DNA Syntax Examples Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/howitworks.rst Examples of Geneva's Strategy DNA syntax, illustrating the representation of actions with single or multiple children, parameters, and specific flags. ```geneva-dna [TCP:flags:S]-duplicate(,)-| ``` ```geneva-dna [TCP:flags:S]-tamper{}(,)-| ``` ```geneva-dna [TCP:flags:S]-tamper{TCP:flags:replace:A}-| ``` ```geneva-dna [TCP:flags:A]-duplicate(tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},),)-| \/ ``` -------------------------------- ### Geneva Logging Structure Example (Shell) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/logging.rst Demonstrates the directory structure and log file organization created by Geneva's logging system. It shows the creation of time-stamped trial directories and the various log files generated during strategy evaluation. ```none # ls trials 2020-03-23_20:03:08 # ls trials/2020-03-23_20:03:08 data flags generations logs packets # ls trials/2020-03-23_20:03:08/logs ga.log ga_debug.log zhak1n81_client.log zhak1n81_engine.log zhak1n81_server.log ``` -------------------------------- ### Geneva Strategy DNA Syntax: Outbound Forest Example Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/howitworks.rst This example illustrates a simple Geneva strategy using the Strategy DNA syntax, demonstrating an outbound forest with a TCP ACK trigger and duplicate/tamper actions. ```none TCP:flags:ACK duplicate tamper {TCP:flags:replace:R} tamper {TCP:chksum:corrupt} ``` -------------------------------- ### Install Netfilterqueue from GitHub (Debian 10) Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Installs the netfilterqueue Python package directly from its GitHub repository. This is a workaround for potential issues with the standard installation on Debian 10 systems. ```Python # sudo python3 -m pip install --upgrade -U git+https://github.com/kti/python-netfilterqueue ``` -------------------------------- ### Install Python Dependencies Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Installs the Python package dependencies for Geneva from the requirements.txt file using pip. This ensures all necessary Python libraries are available for the project's execution. ```Python # python3 -m pip install -r requirements.txt ``` -------------------------------- ### Install Netfilterqueue Dependencies (Debian/Ubuntu) Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Installs necessary system libraries and tools required for Geneva's netfilterqueue integration on Debian-based systems. This includes build essentials, Python development headers, netfilterqueue libraries, and iptables. ```Bash # sudo apt-get install build-essential python-dev libnetfilter-queue-dev libffi-dev libssl-dev iptables python3-pip ``` -------------------------------- ### Python Client Plugin Example Source: https://github.com/kkevsterrr/geneva/blob/master/docs/extending/plugins.rst Defines a custom client plugin named 'whitelister' that subclasses the ClientPlugin. It includes initialization logic and is designed to interact with Geneva's evaluation system, potentially for testing censorship mechanisms. ```python class WhitelisterClient(ClientPlugin): """ Defines the whitelister client. """ name = "whitelister" def __init__(self, args): """ Initializes the whitelister client. """ ClientPlugin.__init__(self) self.args = args ``` -------------------------------- ### Run evolve.py for HTTP Tests with Debug Logging Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluator.rst This command executes the evolve.py script for HTTP tests, specifying a public IP, an external client named 'example', enabling debug logging, evaluating an empty strategy ('/'), and running in server-side mode. ```bash # python3 evolve.py --test-type http --public-ip --external-client example \ # --log debug --eval-only "\/" --server-side ``` -------------------------------- ### Run evolve.py with External Server and Specific Server Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluator.rst This command runs evolve.py for HTTP tests, specifying a public IP, an external client 'example', enabling debug logging, evaluating an empty strategy ('/'), and directing traffic to an external server (wikipedia.org). ```bash # python3 evolve.py --test-type http --public-ip --external-client example \ # --log debug --eval-only "\/" --external-server --server http://wikipedia.org ``` -------------------------------- ### Python: Use Geneva Engine as Context Manager Source: https://github.com/kkevsterrr/geneva/blob/master/README.md This Python code demonstrates how to use the Geneva engine within a 'with' statement, applying a specified strategy to network traffic on a given port. The engine automatically starts when entering the context and cleans up upon exiting. It requires the 'engine' module and uses 'os.system' to simulate network activity. ```Python import os import engine # Port to run the engine on port = 80 # Strategy to use strategy = "[TCP:flags:A]-duplicate(tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},),)-| \/" # Create the engine in debug mode with engine.Engine(port, strategy, log_level="debug") as eng: os.system("curl http://example.com?q=ultrasurf") ``` -------------------------------- ### Run Geneva Evaluator (Client-Side) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluator.rst This command executes the Geneva evaluator in client-side mode using the HTTP plugin to test access to a forbidden server. It starts the 'evolve.py' script with specific parameters for evaluation only, targeting HTTP requests to 'forbidden.org' with debug logging enabled. ```none # python3 evolve.py --eval-only "\/" --test-type http --server forbidden.org --log debug ``` -------------------------------- ### Evaluate a Single Strategy with Geneva Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evolution.rst Use the `--eval-only` option with `evolve.py` to perform a single strategy evaluation without starting the full genetic algorithm. This is useful for testing specific strategies. ```Python python evolve.py --eval-only ``` -------------------------------- ### Geneva Strategy Example: TCP ACK Manipulation Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Illustrates a censorship evasion strategy that triggers on TCP ACK packets. It duplicates the packet, modifying one copy with a RST flag and corrupted checksum, while the other remains unchanged. Both modified packets are then sent. ```text +---------------+ | TCP:flags:A | <-- triggers on TCP packets with the flags field set to 'ACK' +-------+-------+ matching packets are captured and pulled into the tree | +---------v---------+ duplicate <-- makes two copies of the given packet. the tree is processed +---------+---------+ with an inorder traversal, so the left side is run first | +-------------+------------+ | | +------------v----------+ v <-- duplicate has no right child, so this packet will be sent on the wire unimpacted tamper {TCP:flags:replace:R} <-- parameters to this action describe how the packet should be tampered +------------+----------+ | +------------v----------+ tamper {TCP:chksum:corrupt} +------------+----------+ | v <-- packets that emerge from an in-order traversal of the leaves are sent on the wire This strategy triggers on `TCP` packets with the `flags` field set to `ACK`. It makes a duplicate of the `ACK` packet; the first duplicate has its flags field changed to `RST` and its checksum (`chksum`) field corrupted; the second duplicate is unchaged. Both packets are then sent on the network. ``` -------------------------------- ### Run Geneva Strategy Source: https://github.com/kkevsterrr/geneva/blob/master/docs/intro/gettingstarted.rst This snippet demonstrates how to run the Geneva engine with a specified strategy and server port. It also shows the expected debug output, including the creation of the engine, configuration of iptables rules for network traffic queuing. ```bash # python3 engine.py --server-port 80 --strategy "\/" --log debug 2019-10-14 16:34:45 DEBUG:[ENGINE] Engine created with strategy \/ (ID bm3kdw3r) to port 80 2019-10-14 16:34:45 DEBUG:[ENGINE] Configuring iptables rules 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A OUTPUT -p tcp --sport 80 -j NFQUEUE --queue-num 1 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A INPUT -p tcp --dport 80 -j NFQUEUE --queue-num 2 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A OUTPUT -p udp --sport 80 -j NFQUEUE --queue-num 1 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A INPUT -p udp --dport 80 -j NFQUEUE --queue-num 2 ``` -------------------------------- ### Run Geneva Genetic Algorithm Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/puttingittogether.rst Executes Geneva's genetic algorithm with specified population size, number of generations, test type, and target server. This command is used for client-side evolution against HTTP censorship. ```bash python3 evolve.py --population 200 --generations 25 --test-type http --server forbidden.org ``` -------------------------------- ### Run Geneva Engine with iptables Configuration (Bash) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/engine.rst This bash script demonstrates how to run the Geneva engine with a specified server port and strategy. It also shows the iptables rules configured by the engine to capture and queue network traffic for processing. ```bash # python3 engine.py --server-port 80 --strategy "\/" --log debug 2019-10-14 16:34:45 DEBUG:[ENGINE] Engine created with strategy \/ (ID bm3kdw3r) to port 80 2019-10-14 16:34:45 DEBUG:[ENGINE] Configuring iptables rules 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A OUTPUT -p tcp --sport 80 -j NFQUEUE --queue-num 1 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A INPUT -p tcp --dport 80 -j NFQUEUE --queue-num 2 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A OUTPUT -p udp --sport 80 -j NFQUEUE --queue-num 1 2019-10-14 16:34:45 DEBUG:[ENGINE] iptables -A INPUT -p udp --dport 80 -j NFQUEUE --queue-num 2 ``` -------------------------------- ### Geneva Evaluator Script Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluation.rst The core script responsible for evaluating censorship evasion strategies. It assigns a numerical fitness score to each strategy based on a defined fitness function, guiding the genetic algorithm's search. ```Python evaluator.py ``` -------------------------------- ### Parse Arguments for Whitelister Client Source: https://github.com/kkevsterrr/geneva/blob/master/docs/extending/plugins.rst Defines and parses command-line arguments for the Whitelister Client plugin. It includes arguments for the server to connect to and integrates with super class arguments. ```python @staticmethod def get_args(command): """ Defines args for this plugin """ super_args = ClientPlugin.get_args(command) parser = argparse.ArgumentParser(description='Whitelister Client') parser.add_argument('--server', action='store', help="server to connect to") args, _ = parser.parse_known_args(command) args = vars(args) super_args.update(args) return super_args ``` -------------------------------- ### Geneva Strategy DNA Syntax: Action Tree Structure Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/howitworks.rst Demonstrates the basic structure of action trees in Geneva's Strategy DNA, showing how triggers are linked to actions using '|' and '-' separators. ```text [TCP:flags:S]-drop-| [TCP:flags:S]-duplicate-| ``` -------------------------------- ### WhitelisterClient Class Definition Source: https://github.com/kkevsterrr/geneva/blob/master/docs/extending/plugins.rst Defines the complete WhitelisterClient class, inheriting from ClientPlugin. It includes initialization, argument parsing, and the run method for network interaction and fitness evaluation. ```python class WhitelisterClient(ClientPlugin): """ Defines the whitelister client. """ name = "whitelister" def __init__(self, args): """ Initializes the whitelister client. """ ClientPlugin.__init__(self) self.args = args @staticmethod def get_args(command): """ Defines args for this plugin """ super_args = ClientPlugin.get_args(command) parser = argparse.ArgumentParser(description='Whitelister Client') parser.add_argument('--server', action='store', help="server to connect to") args, _ = parser.parse_known_args(command) args = vars(args) super_args.update(args) return super_args def run(self, args, logger, engine=None): """ Try to open a socket, send two messages, and see if the messages time out. """ fitness = 0 port = int(args["port"]) server = args["server"] try: client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client.settimeout(3) client.connect((server, port)) ``` -------------------------------- ### Link libc.a for Netfilterqueue (Arch Linux) Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Creates a symbolic link for libc.a in the /usr/lib64 directory. This is a reported requirement for netfilterqueue to function correctly on some Arch Linux systems. ```Bash sudo ln -s -f /usr/lib64/libc.a /usr/lib64/liblibc.a ``` -------------------------------- ### Use Geneva Engine Python API as Context Manager (Python) Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/engine.rst This Python script shows how to use the Geneva engine's Python API as a context manager. It initializes the engine with a specific port and strategy, applies it to network traffic, and automatically cleans up when the context is exited. ```python import os import engine # Port to run the engine on port = 80 # Strategy to use strategy = "[TCP:flags:A]-duplicate(tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},),)-| \/" # Create the engine in debug mode with engine.Engine(port, strategy, log_level="debug") as eng: os.system("curl http://example.com?q=ultrasurf") ``` -------------------------------- ### Run Whitelister Client and Evaluate Fitness Source: https://github.com/kkevsterrr/geneva/blob/master/docs/extending/plugins.rst Implements the 'run' method for the Whitelister Client. It connects to a specified server, sends 'G', 'E', 'T' messages, and determines fitness based on successful communication or socket errors, including timeouts. ```python def run(self, args, logger, engine=None): """ Try to open a socket, send two messages, and see if the messages time out. """ fitness = 0 port = int(args["port"]) server = args["server"] try: client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client.settimeout(3) client.connect((server, port)) client.sendall(b"G") time.sleep(0.25) client.sendall(b"E") time.sleep(0.25) client.sendall(b"T\r\n\r\n") server_data = client.recv(1024) logger.debug("Data recieved: %s", server_data.decode('utf-8', 'ignore')) if server_data: fitness += 100 else: fitness -= 90 client.close() # ... except socket.timeout: logger.debug("Client: Timeout") fitness -= 90 except socket.error as exc: fitness -= 100 logger.exception("Socket error caught in client echo test.") finally: logger.debug("Client finished whitelister test.") return fitness * 4 ``` -------------------------------- ### Build Geneva Docker Base Image Source: https://github.com/kkevsterrr/geneva/blob/master/docker/README.md Builds the Docker base image for Geneva using a Dockerfile. This command tags the image as 'base:latest'. ```bash docker build -t base:latest -f docker/Dockerfile . ``` -------------------------------- ### Run Geneva as Middlebox Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluator.rst This command demonstrates how to run the Geneva strategy engine as a middlebox. It requires specifying various routing options to control traffic flow between an external client and a target server, with the engine acting as an intermediary. ```none python3 evolve.py --test-type http --public-ip --external-client example --log debug --eval-only "/" --server-side --act-as-middlebox --routing-ip --forward-ip --sender-ip ``` -------------------------------- ### Run Geneva Docker Base Image Interactively Source: https://github.com/kkevsterrr/geneva/blob/master/docker/README.md Runs the Docker base image interactively, allowing for manual inspection and exploration of the container's environment. ```bash docker run -it base ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Options Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet illustrates network strategies involving duplicating TCP flags and tampering with TCP options, such as 'options-wscale' and 'options-md5header'. It includes checksum corruption as well. ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:options-wscale:corrupt}(tamper{TCP:dataofs:replace:8},),)-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:options-md5header:corrupt}(tamper{TCP:flags:replace:R},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:options-md5header:corrupt}(tamper{TCP:flags:replace:R},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FRAPUN}(tamper{TCP:options-md5header:corrupt},))-| ``` -------------------------------- ### TCP Strategy: Fragment TCP Packets Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet demonstrates network strategies that involve fragmenting TCP packets with specific parameters. It includes variations in fragmentation. ```Network Strategy [TCP:flags:PA]-fragment{tcp:8:True}(,fragment{tcp:4:True})-| ``` ```Network Strategy [TCP:flags:PA]-fragment{tcp:-1:True}-| ``` -------------------------------- ### Geneva Argument Parsing Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evolution.rst Geneva employs a pass-through system for argument parsing, allowing different components to define and parse their relevant arguments. Using `--help` aggregates help messages from various components. ```Python python evolve.py --help ``` -------------------------------- ### Geneva Strategy DNA Syntax: Protocol Triggers Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/howitworks.rst Defines how to specify triggers in Geneva's Strategy DNA syntax. Triggers are protocol-specific and can include fields, values, and optional gas parameters. ```text [TCP:flags:S] [IP:version:4:4] [IP:version:4:-2] ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags (R) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet showcases network strategies that duplicate TCP flags and replace them with 'R'. It includes variations with checksum corruption and IP TTL replacement. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:R}(tamper{IP:ttl:replace:10},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:options-md5header:corrupt}(tamper{TCP:flags:replace:R},))-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags (FRAPUEN) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet presents network strategies that duplicate TCP flags and replace them with 'FRAPUEN'. It includes variations with checksum corruption. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FRAPUEN}(tamper{TCP:chksum:corrupt},))-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags (FRAPUN) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet details network strategies that duplicate TCP flags and replace them with 'FRAPUN'. It includes variations with TCP options corruption. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FRAPUN}(tamper{TCP:options-md5header:corrupt},))-| ``` -------------------------------- ### Send Data and Handle Server Response in Python Source: https://github.com/kkevsterrr/geneva/blob/master/docs/extending/plugins.rst This Python code snippet demonstrates sending specific byte sequences ('G', 'E', 'T\r\n\r\n') to a client socket, followed by receiving data from the server. It includes error handling for socket timeouts and general socket errors, and updates a fitness score based on the server's response or encountered errors. ```python client.sendall(b"G") time.sleep(0.25) client.sendall(b"E") time.sleep(0.25) client.sendall(b"T\r\n\r\n") server_data = client.recv(1024) logger.debug("Data recieved: %s", server_data.decode('utf-8', 'ignore')) if server_data: fitness += 100 else: fitness -= 90 client.close() except socket.timeout: logger.debug("Client: Timeout") fitness -= 90 except socket.error as exc: fitness -= 100 logger.exception("Socket error caught in client echo test.") finally: logger.debug("Client finished whitelister test.") return fitness * 4 ``` -------------------------------- ### Manage Geneva Docker Container with Python Source: https://github.com/kkevsterrr/geneva/blob/master/docker/README.md A Python script using the 'docker' SDK to run the 'base' Docker image. It configures the container with detached mode, privileged access, volume mounting for code synchronization, and assigns a name. ```python import os import docker docker_client = docker.from_env() docker_client.containers.run('base', detach=True, privileged=True, volumes={os.path.abspath(os.getcwd()): {"bind" : "/code", "mode" : "rw"}}, tty=True, remove=True, name="test") ``` -------------------------------- ### TCP Strategy: Tamper TCP Options Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet focuses on network strategies that tamper with TCP options, specifically 'options-uto'. It demonstrates a strategy with a 3% success rate in China. ```Network Strategy [TCP:flags:PA]-tamper{TCP:options-uto:corrupt}-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper Flags (S) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet showcases network strategies that duplicate TCP flags and set them to 'S'. It includes variations with checksum corruption. ```Network Strategy [TCP:flags:S]-duplicate(tamper{TCP:flags:replace:SA},)-| ``` -------------------------------- ### Geneva Evolution Script Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluation.rst The script used to run the evolution process, which involves strategy evaluation. It requires specifying the test type (plugin) using a command-line argument. ```Python evolve.py --test-type ``` -------------------------------- ### TCP Strategy: Fragment and Tamper Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet covers network strategies that involve fragmenting TCP packets and tampering with sequence numbers. It includes variations in fragmentation parameters and TCP flags. ```Network Strategy [TCP:flags:PA]-fragment{tcp:8:False}-| [TCP:flags:A]-tamper{TCP:seq:corrupt}-| ``` ```Network Strategy [TCP:flags:PA]-fragment{tcp:8:True}(,fragment{tcp:4:True})-| ``` ```Network Strategy [TCP:flags:PA]-fragment{tcp:-1:True}-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags (FREACN) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet showcases network strategies that duplicate TCP flags and replace them with 'FREACN'. It includes variations with IP TTL replacement. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FREACN}(tamper{IP:ttl:replace:10},))-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper IP TTL Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet demonstrates network strategies that duplicate TCP flags and tamper with the IP Time-To-Live (TTL) field. It includes variations with different TTL replacement values. ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:dataofs:replace:10}(tamper{IP:ttl:replace:10},),)-| ``` ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:load:corrupt}(tamper{IP:ttl:replace:8},),)-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:R}(tamper{IP:ttl:replace:10},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:RA}(tamper{IP:ttl:replace:10},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FREACN}(tamper{IP:ttl:replace:10},))-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Load Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet presents network strategies that duplicate TCP flags and tamper with the TCP load. It includes variations involving checksum corruption. ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:load:corrupt}(tamper{TCP:chksum:corrupt},),)-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper Flags Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet showcases network strategies involving duplicating and tampering with TCP flags, specifically the 'PA' flag. It includes variations in data offset replacement and checksum corruption. ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:dataofs:replace:10}(tamper{TCP:chksum:corrupt},),)-| ``` ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:dataofs:replace:10}(tamper{TCP:ack:corrupt},),)-| ``` ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:load:corrupt}(tamper{TCP:chksum:corrupt},),)-| ``` ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:load:corrupt}(tamper{TCP:ack:corrupt},),)-| ``` ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:flags:replace:F}(tamper{IP:len:replace:78},),)-| ``` ```Network Strategy [TCP:flags:S]-duplicate(tamper{TCP:flags:replace:SA},)-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper Length Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet presents network strategies that duplicate TCP flags and tamper with the IP length field. It includes variations in data offset replacement. ```Network Strategy [TCP:flags:PA]-duplicate(tamper{TCP:flags:replace:F}(tamper{IP:len:replace:78},),)-| ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags (RA) Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet details network strategies that duplicate TCP flags and replace them with 'RA'. It includes variations with checksum corruption and IP TTL replacement. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:RA}(tamper{IP:ttl:replace:10},))-| ``` -------------------------------- ### Run Geneva Strategy with iptables Configuration Source: https://github.com/kkevsterrr/geneva/blob/master/README.md Executes Geneva's strategy engine to monitor and manipulate network traffic on a specified port (e.g., 80). It configures iptables rules to direct traffic through the NFQUEUE for processing by Geneva, logging at DEBUG level. ```Bash # python3 engine.py --server-port 80 --strategy "[TCP:flags:PA]-duplicate(tamper{TCP:dataofs:replace:10}(tamper{TCP:chksum:corrupt},),)-|" --log debug ``` -------------------------------- ### TCP Strategy: Fragment and Tamper Sequence Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet covers network strategies that involve fragmenting TCP packets and tampering with the sequence number. It includes variations in fragmentation parameters. ```Network Strategy [TCP:flags:PA]-fragment{tcp:8:False}-| [TCP:flags:A]-tamper{TCP:seq:corrupt}-| ``` -------------------------------- ### Run Geneva Genetic Algorithm Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evolution.rst The `evolve.py` script is the main driver for Geneva's genetic algorithm. It manages the population of censorship evasion strategies and controls the evolution process through various command-line options. ```Python python evolve.py --population --generations [--seed ] ``` -------------------------------- ### Run Geneva Engine with Censor Option Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/evaluator.rst This command demonstrates how to run the Geneva engine with the --censor option enabled, specifying 'censor2' as the censor. It also sets the evaluation-only mode and logs at the debug level. This configuration is suitable for running with Docker. ```bash python3 evolve.py --eval-only "" --test-type echo --censor censor2 --log debug ``` -------------------------------- ### TCP Strategy: Duplicate and Tamper TCP Flags Source: https://github.com/kkevsterrr/geneva/blob/master/strategies.md This snippet details network strategies that duplicate and tamper with TCP flags, including replacing flags with 'R', 'RA', and 'FRAPUEN'. It also incorporates checksum corruption. ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:R}(tamper{TCP:chksum:corrupt},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:RA}(tamper{TCP:chksum:corrupt},))-| ``` ```Network Strategy [TCP:flags:A]-duplicate(,tamper{TCP:flags:replace:FRAPUEN}(tamper{TCP:chksum:corrupt},))-| ``` -------------------------------- ### Create Worker Directory Source: https://github.com/kkevsterrr/geneva/blob/master/docs/howitworks/addingaworker.rst This command creates a new subdirectory within the 'workers' folder to house the configuration for a new external client worker. ```bash # mkdir workers/test # ls workers/ example test ```