- Due to South Korean Governement's announcement which indicates that they will start Internet Censorship (widely known as warning.go.kr in S. Korea) based on TLS SNI inspection, force encrypting TLS handshake flights are now essential for S. Koreans to use the Internet safely - without any interference from gov -.
- This project inspects all TCP packets and captures TLS Handshake packets which starts with
0x16. - All handshake packets will be redirected to remote TCP server where user has set up when starting proxy server, with whole data encrypted with AES-256-CBC method.
- TCP server
- decrypts data from client
- opens a TCP socket to host where user tries to connect
- send decrypted data to socket and waits for response
- Encrypts response and delivers encrypted data back to proxy server
- Again, proxy server
- Decrypts data from TCP server
- Sends it back to user
- All normal packets, such as TLS packets which has been already established private tunnel with server will be sent directly to server without any redirection.
- .NET Core C#
- Linux
- macOS
- *BSD (Not tested)
- WIP