uproxy-churn
Obfuscated WebRTC data channels.
WebRTC supports the creation of peer-to-peer data channels. WebRTC data channels are secured with DTLS. An observer of the network traffic between two connected hosts can trivially see that DTLS is in use; from this, they may infer that data channels are in use. We wish to make it difficult for an observer to detect the use of data channels.
This repository builds a Freedom module which affords control over WebRTC data channels at the network layer. The module, churn, provides an interface similar to uproxy-lib's uproxypeerconnection.

churn works by configuring WebRTC to pipe its peer-to-peer data through a local TURN server. This affords us an opportunity to transform the data prior to sending it over the network; churn code on the remote host then restores the data to its original format prior to delivering it to the remote WebRTC peer.

Currently, uTransformers are used to transform and restore the data being sent over the network. The libFTE transformer, in particular, affords great control over the format of the data across the untrusted network.
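To make concrete what the on-path observer described above can see without decrypting anything, and why churn transforms the bytes instead of merely relaying them, here is an added example (not part of the uproxy-churn code) that labels datagrams by their STUN, DTLS record and TURN ChannelData headers. The sample packets are constructed for the example, not captured traffic.

```python
import struct
# Fixed wire signatures an on-path observer can match without decrypting anything.
DTLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
DTLS_VERSIONS = {0xFEFF: "DTLS 1.0", 0xFEFD: "DTLS 1.2"}
STUN_MAGIC_COOKIE = 0x2112A442

def parse_dtls_record(datagram):
    """(content_type, version, epoch, seq, length) for a self-consistent DTLS record header (RFC 6347 s4.1), else None."""
    if len(datagram) < 13:
        return None
    ctype, version, epoch, seq_hi, seq_lo, length = struct.unpack("!BHHHIH", datagram[:13])
    # Known content type and version, and the record must fit inside the datagram.
    if ctype not in DTLS_CONTENT_TYPES or version not in DTLS_VERSIONS or 13 + length > len(datagram):
        return None
    return ctype, version, epoch, (seq_hi << 32) | seq_lo, length

def parse_stun(datagram):
    """(message_type, length) for a STUN header (RFC 5389 section 6), else None."""
    if len(datagram) < 20:
        return None
    mtype, mlen, cookie = struct.unpack("!HHI", datagram[:8])
    if mtype & 0xC000 or cookie != STUN_MAGIC_COOKIE or mlen % 4 or 20 + mlen != len(datagram):
        return None
    return mtype, mlen

def parse_channel_data(datagram):
    """(channel_number, payload) for a TURN ChannelData frame (RFC 5766 section 11.4), else None."""
    if len(datagram) < 4:
        return None
    chan, length = struct.unpack("!HH", datagram[:4])
    if not 0x4000 <= chan <= 0x7FFF or 4 + length > len(datagram):
        return None
    return chan, datagram[4:4 + length]

def classify(datagram):
    """Label a datagram as a passive observer would, looking inside TURN ChannelData frames."""
    if parse_stun(datagram):
        return "stun"
    rec = parse_dtls_record(datagram)
    if rec:
        return "dtls:" + DTLS_CONTENT_TYPES[rec[0]]
    cd = parse_channel_data(datagram)
    if cd:
        return "turn-channeldata(" + classify(cd[1]) + ")"
    return "unknown"
# Constructed samples, not captured traffic; the DTLS fragment is a placeholder, not a real ClientHello.
SAMPLE_DTLS = struct.pack("!BHHHIH", 22, 0xFEFD, 0, 0, 0, 12) + b"\x01" + bytes(11)
SAMPLE_STUN = struct.pack("!HHI", 0x0001, 0, STUN_MAGIC_COOKIE) + bytes(12)
SAMPLE_CHANNELDATA = struct.pack("!HH", 0x4000, len(SAMPLE_DTLS)) + SAMPLE_DTLS
SAMPLE_OPAQUE = bytes(range(0x80, 0x90))  # stands in for bytes after a format transform
```

Plain relaying through TURN leaves the DTLS record header recognisable inside the ChannelData frame; only bytes that no longer match any of these fixed layouts come out as "unknown".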
This repository builds two sample apps, both Chrome apps.
The first sample app demonstrates the simplest possible use of the turn and net modules: it spins up a TURN server on port 9997.

The server may be used with standard TURN clients, e.g. the command-line tools from the rfc5766-turn-server suite (apt-get install rfc5766-turn-server on Debian-like systems):

turnutils_peer
This starts a UDP echo server on ports 3480 and 3481.

turnutils_uclient -s -u test -w test -e 127.0.0.1 127.0.0.1 -p 9997
You should see a flurry of activity in the Chrome debugging console. On the command line, you will soon see a report. The output is not very user-friendly, but the important parts are tot_send_msgs and tot_send_bytes. With the TURN server, echo server, and TURN client all running locally, you should not see any dropped packets. For more options, e.g. to open more channels or send larger datagrams, see the turnutils_uclient documentation.

The second sample app demonstrates how the churn module may be used to drive a two-way chat client. The endpoints in use, along with a lot of debugging information, may be determined by examining the JavaScript console; to convince yourself that the data is indeed obfuscated, examine your system's network traffic with the help of Wireshark.
FAQs
The npm package uproxy-churn receives a total of 1 weekly download. As such, uproxy-churn popularity was classified as not popular.
We found that uproxy-churn demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.