Shadowsocks-libev: Any security updates about "ss协议漏洞的复现和利用"?

Created on 17 Feb 2020 · 1Comment · Source: shadowsocks/shadowsocks-libev

Please answer these questions before submitting your issue. Thanks!

2020年2月12日，Zhiniang Peng 在 github 上公开了对于 shadowsocks 的攻击理论，https://github.com/edwardz246003/shadowsocks.git，在阅读完作者的文档后获益匪浅，但 github 中主要是理论，代码和场景写的描述的非常混乱，本文亲自演示一遍整个流程，把整个攻击演示的更清楚。

https://github.com/LeadroyaL/ss-redirect-vuln-exp

http://t.cn/A6hInAD8

What version of shadowsocks-libev are you using?

3.3.3

What operating system are you using?

CentOS 7

invalid

Source

totemofwolf

Most helpful comment

鉴于AEAD不受影响，只给流加密加了警告

studentmain on 17 Feb 2020

👍4

>All comments

鉴于AEAD不受影响，只给流加密加了警告

studentmain on 17 Feb 2020

👍4

Was this page helpful?

0 / 5 - 0 ratings

Related issues

ss-redir不能正常工作

qianguozheng · 4Comments

请教如何正确安装3.0.5的rng-tools

triaqu · 4Comments

ss-server指定监听“::”时，不能同时监听ipv4

blackgear · 3Comments

Mishandling of json configuration file could lead to Null Pointer Dereference

viennadd · 3Comments

ss-redir, SHADOWSOCKS_MARK, no such file or directory.

d0u9 · 4Comments