### Start DPYProxy with Docker Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Use this command to start DPYProxy using Docker Compose. Ensure Docker is installed. ```sh docker-compose up ``` -------------------------------- ### Start DPYProxy with Python Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Start DPYProxy with Python, enabling TLS record fragmentation, TCP fragmentation, and specifying ports. This command also initiates the DNS and TLS modules. ```sh python3 main.py --tls_record_frag --tls_tcp_frag --tls_frag_size 20 --tls_port 4433 --dns_port 5533 ``` -------------------------------- ### Launch DPYProxy with TLS record fragmentation and a forward proxy Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Launches DPYProxy with TLS record fragmentation and configures a forward proxy. DPYProxy connects to the forward proxy using HTTP CONNECT. The DNS module is also enabled to determine a working circumvention. ```bash python3 main.py --record_frag --forward_proxy_address 192.168.0.1 --forward_proxy_port 8080 --forward_proxy_mode HTTPS --forward_proxy_resolve_address ``` -------------------------------- ### Dpyproxy Command-Line Usage Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md This snippet displays the general usage and available options for the main dpyproxy script. It covers configurations for TLS and DNS modules, along with standard operational flags. ```bash usage: main.py [options] Proxy for circumventing DPI-based censorship. TLS Module: --tls_disabled_modes {HTTP,HTTPS,SNI,SOCKSv4,SOCKSv4a,SOCKSv5} List of proxy modes to ignore. By default, all none are disabled. Hence, all are enabled --tls_timeout TLS_TIMEOUT Connection timeout in seconds --tls_host TLS_HOST Address the proxy server runs on --tls_port TLS_PORT Port the proxy server runs on --tls_record_version TLS_RECORD_VERSION Overwrites the TLS version in the TLS record with the given bytes. Pre-defined values ['DEFAULT', 'TLS10', 'TLS11', 'TLS12', 'TLS13_DRAFT_28', 'TLS13', 'SSL3', 'INVALID_SMALLER', 'INVALID_BIGGER'] or 2 byte long values such as 0303 or FFFF can be provided. --tls_record_frag, --no-tls_record_frag Whether to use record fragmentation to forwarded TLS handshake messages (default: True) --tls_tcp_frag, --no-tls_tcp_frag Whether to use TCP fragmentation to forwarded messages. (default: True) --tls_frag_size TLS_FRAG_SIZE Bytes in each TCP/TLS record fragment --tls_dns_server_ip TLS_DNS_SERVER_IP DNS server IP for all DNS queries of the TLS module. If not given, the DNS server started by the DNS module us used. If DNS module is not used, the OS default DNS server is used. --tls_dns_server_port TLS_DNS_SERVER_PORT DNS server port for all DNS queries. Only set if a DNS server IP is given. If not given, the default port 53 is used. --tls_forward_proxy_host TLS_FORWARD_PROXY_HOST Host of the forward proxy if any is present --tls_forward_proxy_port TLS_FORWARD_PROXY_PORT Port the forward proxy server runs on --tls_forward_proxy_mode {HTTP,HTTPS,SNI,SOCKSv4,SOCKSv4a,SOCKSv5} The proxy type of the forward proxy --tls_forward_proxy_resolve_address, --no-tls_forward_proxy_resolve_address Whether to resolve domains before including them in the HTTP CONNECT request to the second proxy (default: False) DNS Module: --dns_mode DNS_MODE Mode that the DNS proxy operates in. Default AUTO. If not set to AUTO, still attempts to automatically determine a resolver for the configured mode. To pre-define the used DNS mode and server set this flag and the dns_resolver_host and optionally the dns_resolver_port flags. --dns_timeout DNS_TIMEOUT Connection timeout in seconds. For the LAST_RESPONSE mode this timeout will always be reached. Set this timeout and the timeout of calling application accordingly. --dns_host DNS_HOST Address the proxy server runs on --dns_port DNS_PORT Port the proxy server runs on --dns_resolver_host DNS_RESOLVER_HOST DNS resolver IP. If set, must correspond to the selected dns_mode. --dns_resolver_port DNS_RESOLVER_PORT DNS resolver port. If set, must correspond to the selected dns_mode. If unset, port is chosen based on the chosen or determined mode's standard port --dns_censored_domain DNS_CENSORED_DOMAIN A domain name censored in your location. Used to determine working circumventions methods. Specify together with --dns_censored_domain_ip --dns_compare_ip_ranges DNS_COMPARE_IP_RANGES A list of IP ranges the resolved IP of the censored domain lies in. The censored domain is specifiable in --dns_censored_domain. --dns_block_page_ips DNS_BLOCK_PAGE_IPS Whether the given IP ranges to compare are block page IPs or not. Default is False. --dns_add_sni DNS_ADD_SNI Whether or not to include the SNI for encrypted DNS modes. Defaults to True. --dns_skip_working_file DNS_SKIP_WORKING_FILE Whether taking the stored working resolver from a file should be skipped. Defaults to False. Standard options: -h, --help Show this help message and exit --debug, --no-debug Turns on debugging (default: False) --disabled_modules DISABLED_MODULES List of proxy modules to disable. By default, all none are disabled. Hence, all are enabled ``` -------------------------------- ### Launch DPYProxy with TLS record and TCP fragmentation, setting fragment size Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Launches DPYProxy with both TLS record and TCP fragmentation enabled, and sets the fragment size to 100 bytes. The DNS module is also enabled to determine a working circumvention. ```bash python3 main.py --tls_frag_size 100 ``` -------------------------------- ### Launch DPYProxy with TLS record fragmentation enabled and TCP fragmentation disabled Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Launches DPYProxy with TLS record fragmentation enabled and TCP fragmentation turned off. The DNS module is also enabled to determine a working circumvention. ```bash python3 main.py --tls_record_frag --no-tls_tcp_frag ``` -------------------------------- ### Launch DPYProxy with only DNS module enabled Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Launches DPYProxy with the TLS module disabled and the DNS module in its default auto mode. ```bash python3 main.py --disabled_modules TLS ``` -------------------------------- ### Send DNS Request with dig Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Send a DNS request to the DPYProxy DNS server running on localhost:5533 using the 'dig' command. This tests the DNS module's functionality. ```sh dig wikipedia.org @127.0.0.1 -p 5533 ``` -------------------------------- ### Test TLS Circumvention with curl Source: https://github.com/upb-syssec/dpyproxy/blob/main/README.md Test DPYProxy's TLS circumvention capabilities by sending a request to a website through the DPYProxy TLS module running on localhost:4433 using 'curl'. ```sh curl -p -x localhost:4433 https://www.wikipedia.org ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.