- Notifications
You must be signed in to change notification settings - Fork7
Low-level access to the QUIC Initial Packet for mimicry purposes, hard fork of quic-go.
License
refraction-networking/uquic
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
uQUIC is a fork ofquic-go, which provides Initial Packet fingerprinting resistance and other features. While the handshake is still performed by quic-go, this library provides interface to customize the unencrypted Initial Packet which may reveal fingerprint-able information.
Golang 1.20+ is required.
If you have any questions, bug reports or contributions, you are welcome to publish those on GitHub. You may also reach out to one of the maintainers viagaukas.wang@colorado.edu.
Development is still in progress and we welcome any contributions adding new features or fixing extant bugs.
This repository belongs to a large research project on how to fingerprint QUIC clients and how to mitigate such fingerprinting. We do not encourage any malicious use of this project's output, including this repository,uTLS, andclienthellod.
Our research paper is still yet to be published and therefore this repository is neither ready for production use nor peer-reviewed. And the scope of our research is limited that such mimicry backed by this library MAY NOT be realisticly indistinguishable from the real QUIC clients being mimicked, and some misuses of this library MAY lead to easier fingerprinting against the mimic. We welcome any contributions to improve the realism of the mimicry, as well as expanding the scope of this project.
For anyone intending to use this library for censorship circumvention, please be sure to understand the risks and limitations of this library.
If you are interested in our research, please stay tuned for our paper.
- Customize Initial Packet
- Customize Initial ACK behavior (#1,quic-go#4007)
- Customize Initial Retry behavior (#2)
- Add preset QUIC parrots
- Google Chrome parrot (call for parrots w/
Token/PSK) - Mozilla Firefox parrot (call for parrots w/
Token/PSK) - Apple Safari parrot
- Microsoft Edge parrot
- Google Chrome parrot (call for parrots w/
uQUIC provides a mechanism to customize the Initial Packet, which is unencrypted and is almost unique to every QUIC client implementation. We provide an interface to customize the Initial Packet and makes the fingerprinting of QUIC clients harder.
A QUIC Spec sets parameters and policies for uQUIC in establishing a QUIC connection.
Seeu_parrot.go for examples of building a QUIC Spec (parrot).
We provide a few preset QUIC Specs (parrots) for popular QUIC clients inu_parrot.go.
To use one, simple invokeQUICID2Spec(id). See below for a complete example of using a preset QUIC Spec in an HTTP3 client.
package mainimport ("bytes""fmt""io""log""net/http"tls"github.com/refraction-networking/utls"quic"github.com/refraction-networking/uquic""github.com/refraction-networking/uquic/http3")funcmain() {roundTripper:=&http3.RoundTripper{TLSClientConfig:&tls.Config{},QuicConfig:&quic.Config{},}quicSpec,err:=quic.QUICID2Spec(quic.QUICFirefox_116)// quicSpec, err := quic.QUICID2Spec(quic.QUICChrome_115)iferr!=nil {log.Fatal(err)}uRoundTripper:=http3.GetURoundTripper(roundTripper,&quicSpec,// getCRQUICSpec(),nil,)deferuRoundTripper.Close()h3client:=&http.Client{Transport:uRoundTripper,}addr:="https://quic.tlsfingerprint.io/qfp/?beautify=true"rsp,err:=h3client.Get(addr)iferr!=nil {log.Fatal(err)}fmt.Printf("Got response for %s: %#v",addr,rsp)body:=&bytes.Buffer{}_,err=io.Copy(body,rsp.Body)iferr!=nil {log.Fatal(err)}fmt.Printf("Response Body: %s",body.Bytes())}
About
Low-level access to the QUIC Initial Packet for mimicry purposes, hard fork of quic-go.
Topics
Resources
License
Security policy
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Packages0
Uh oh!
There was an error while loading.Please reload this page.