Forum

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

............................... ............................

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

https://image.ibb.co/h5301T/Screensh...2_40_11_PM.png

Not true... It says exactly what his says or I used text editor too I suppose just to troll you right? And my home IP is on blocked list... I kind of find that hard to believe since it comes from Time Warner but WTF.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

I have Hackintosh VM, so the text different in mac then. Ok, He is honest then. Jesus will love him. It looks like you are near to IP location that's why it does not catch the PING.

What about your Passive OS fingerprint? None of your guys showed me that one.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Keep your pants on....
https://i.imgsafe.org/71/7102f6d070.jpeg

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

How you fixed it?

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Fixed what?

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

it looks like that what leaks not recognized passive print. Can you please go to witch.valdikss.org.ru and see "Detected OS"?

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Admin can close this Theard, I found a tool that can be used to spoof TCP print.

"Fingerprint F u c k e r" is the tool name, you can google and download, deploy on your system!

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

I can, send me $20 via PayPal....wasting my time, my time cost money.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Sure, send me your PayPal email and i will do rest.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

F a k e email! Evildaddy!

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

To hide the OpenVPN tunnel from whatleaks.com all you have to do is stop the VPN from listening on TCP port 1194

You can let the VPN listen in on UDP 1194 and use any other tcp port (preferably tcp 443). All whatleaks.com does is check to see if your OS is listening on tcp 1194 to detect a OpenVPN tunnel, you can even leave tcp 1194 open for incoming and outgoing packets in you iptables rules on the server running the VPN software.

It doesn't do deep packet inspection like the Great Firewall of China does so you dont even have to wrap it in SSL. So even when you do encrypt the tunnel in SSL and are listenening in on multiple ports and one is tcp port 1194 it will detect the OpenVPN tunnel.

The MTU value comming through the VPN you cant get to 1500 bites as far as I can tell so far because of the headers and footers placed by the encryption, but it doesn't matter. VPN's arent the only thing that will give you a MTU value less than 1500 according to someone I know that runs a few large data centers.

Even some online video games suggest you lower the MTU to get rid of lag from the packets fragmenting so I wouldnt worry about it...

But if someone does figure out how to spoof MTU in headers I'd love to know.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Oh Sh!t.... I'm a f#ckin' genius... I solved the MTU issue using SoftEther VPN protocol...

In SoftEther Client under the VPN connection properties < advanced settings < Disable UDP acceleration.

MTU=1500 Ethernet or Modem all the way through the VPN tunnel now....

Now I officially have a VPN that is 100% undetectable besides the Corporate IP address from the data center....

Quick someone one or new VPN detection site... Give me another challenge.

I think I have the same fix for OpenVPN client too but I have some testing to do on that. I think some mods need to be made to the OpenVPN.confg file.

@Aspkin, If you knew this all along and made me burn my brain trying to figure this out and didnt drop some knowledge Id be very sad and disappointed.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

https://www.akamai.com/us/en/multime...hite-paper.pdf

HTTP2 & TLS Fingerprinting. There was a cool demo, cant find it now :D

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

There are UDP fingerprinting, ICMP fingerprinting. Its lot of ****, the only way is to build custom Linux router. I'm going to build this with my buddy. I gotta to use AI to analyze fingerprints then generate realistic ****

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

If the information used to detect the VPN or Proxy is in the packet I have another way I figured out but the program is only for Windows... But there are similar programs for Linux... For VPN or Proxy you would probably need to use server side.

WinDivert 1.4: Windows Packet Divert
====================================

1. Introduction
---------------

Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert
package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10.

WinDivert allows user-mode programs to capture/modify/drop network packets
sent to/from the Windows network stack.
In summary, WinDivert can
- capture network packets
- filter/drop network packets
- sniff network packets
- (re)inject network packets
- modify network packets
WinDivert can be used to implement user-mode packet filters, packet sniffers,
firewalls, NAT, VPNs, tunneling applications, etc., etc..

https://github.com/basil00/Divert


Im using it on my Mining Software running on Windows 10 to capture the developers Ethereum address in the packet for his DevFee and replace it with mine.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Go to PayPal and capture packet, but they clever.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

What year is it



lol

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

We are in 2018

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

I have no idea what is being discussed on this thread, This is like an M.Night Shylaman thread, too many complexities.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Hey yo sup Neos,

I just set up my proxy server and I am facing the same issue iloveghosts has been paranoing here about, and I actually just spent an entire day looking for a solution but could not find one.

I have that mismatch of passive OS fingerprint and my browser OS, has anyone come with a solution on how to fix this?

https://i.snag.gy/FyshTr.jpg

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

I have fixed the ping issue, but am still looking for a solution to Passive OS fingerprints! :)

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Fixed Passive OS Fingerprints issue too!

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Perfectly said! I share the exact same view of things!

There is nothing wrong about using VPN - not to mention that a VPN is not primary made to make you totally anonymous.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Using VM properly configured, you are using virtual routers. So which routers are here fingerprinted?

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

Would you mind sharing how you fixed it?

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

I haven't even been able to replicate the mis-matched OS finger prints. So I cant even break it to fix it...

But the rest I've worked through ages ago..

To fix the MTU issue just add to the OVPN client config...

If your using SoftEther disable UDP Acceleration in Advanced settings on the client.

But the best way with SoftEther, if your building and running your own VPN's on VPS, is to use a Bridged connection instead of enabling SecureNAT. Use dnsmasq for dhcp and use iptables to do the routing and forwarding.

To fix the ping issue just drop ICMP requests with iptables on the server.

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

By modifying OS kernel

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

What is leaking the mis-matched OS? VMware? VPS running proxie? or VPS running VPN?

I'm guessing its a KVM VPS running proxie since its the only thing I havent tried to recreate the issue. I've never tried to built a proxie before.

Sounds like you've come a long way @Mayhard. Good job bro. Sh!ts fulfilling isnt it. Problem solving like that in shell or cmd line.

I know for fact its impossible to run your own kernel on a OpenVZ guest (VPS). I tried a while back while trying to tunnel dual stack IPv4 & IPv6 through VPN since ip6tables NAT isn't available on OEM OpenVZ kernel. The way OpenVZ works you share the hosts kernel, so I would assume with 99% assurity its impossible to modify the kernel as well since the guest doesn't have assess to the hosts kernel.

KVM is another beast entirely. You can run your own custom kernel on a KVM guest. If your building your own VPN's ect... KVM is the way to go if you can find them at the right price. ( < $15 per-year )

Re: VPN & Proxy Detection, Browser Spoof Detection using TCP
 

hi iloveghosts , sorry to bother you , i am interested in this topic
TCP Fingerprint Spoofing , but no one seems to notice it , hope you can give me some advice