this post was submitted on 30 Nov 2023
471 points (94.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55085 readers
381 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

Who cares if nobody can work, the important is that those illegal streams are blocked

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 1 year ago (3 children)

Oh fun fact, Govt also issued an order stating that VPN providers who won't log information of users, can't function in India.

[–] [email protected] 17 points 1 year ago (1 children)

That statement just screams "I don't understand how the internet works"

[–] [email protected] 3 points 1 year ago (1 children)

They understand exactly how it works. If you're a VPN provider in india, you either keep logs, or you go to jail.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Oh, so they're aware the stated actions would have no impact on VPN accessibility beyond potentially restricting India endpoints?

Either that or they're planning to play server whack-a-mole with overseas private companies whom themselves have no control over access from India

Edit: or it's just a non-statement to misdirect

[–] [email protected] 4 points 1 year ago (1 children)

Bet they love Tor then....

Though maybe faster to have a VPS somewhere else. Maybe do a VPN from there.

They aren't going to block ssh.

[–] [email protected] 2 points 1 year ago (1 children)

Hey do you know of a good ssh client? I'd like to spoof SNI using one but I don't know how it is done with ssh/ssl

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Not sure exactly what you are after, but would stunnel4 do? You can use it to hide SSH with SSL and then use SNI so that a specific website name is SSH and others something else. You can probably do it with Apache or NGINX to if there is real websites too.

Client wise, just normal ssh, but with a custom config for that host with:

ProxyCommand openssl s_client -connect %h:%p

Edit: NGINX : http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html

Edit: Apache : https://trofi.github.io/posts/295-ssh-over-https.html

[–] [email protected] 1 points 1 year ago (1 children)

umm, I got confused. Let tell you exactly about the use case. so on a site like this " https://sshocean.com/ssh-ssl " I create an account, and I get something like this: where do I insert this payload (what client for windows or Ubuntu)? and how do I insert the desired SNI that I want to be in front of my ISP? I know of http injector with whom the trick works on android, I mean ssh/ssl stunnel.

[–] [email protected] 2 points 1 year ago (1 children)

In your .ssh/config you want something like:

Host my-ssh-ssl Hostname us01.ssh0.net User sshocean-p1r4t2br Password myparrot2 Port 443 ProxyCommand ~/.ssh/https-tunnel.sh %h %p

Then you have a ~/.ssh/https-tunnel.sh something like:

#!/usr/bin/env bash { printf "GET /HTTP/1.1\r\nHost:$1\r\nUpgrade:websocket\r\n"; cat } | openssl s_client -connect $1:$2 -servername $1

That last bit, -servername is the SNI bit, if you need it. BUT I think that payload might be for port 2083. I think 443 might be just the OpenSSL connect directly.

[–] [email protected] 1 points 1 year ago (1 children)

then I initiate this using stunnel from terminal ?(Ubuntu OS)

[–] [email protected] 1 points 1 year ago

No, stunnel is go othere end. If you doing only the client end, you.don't need it.

[–] [email protected] 3 points 1 year ago

I thought it was just for servers tho?