Its small size and ease of implementation makes it a popular choice for malware developers wishing to hide their nasty bits of code from anti-malware detection. XOR obfuscation has achieved a certain level of notoriety. Scrambling OpenVPN-encrypted data with the XOR cipher makes it harder for systems such as the Great Firewall of China to detect.
#Openvpn stunnel Patch
The open source openvpn_xor scramble patch makes it almost trivially easy for them to implement XOR Scramble and offer it to their customers. By replacing the value of each bit of data protected by OpenVPN with another value, XOR scrambles the data in a way that makes this signature very hard to detect.Īnd for VPN services, the XOR gold doesn't stop here. OpenVPN does, however, give encrypted data a distinctive signature which can be detected using DPI. OpenVPN Scramble does not use the XOR cipher to secure your data. Indeed, a simple XOR cipher can be easily broken using simple frequency analysis techniques (looking for patterns in the output string). If this doesn't sound very secure, it isn't. Except that it uses a much more sophisticated algorithm than most children can devise. It is the kind of ROT13 cipher that clever kids often use to create secret messages. This kind of cipher is also called an additive cipher, and is the simplest kind of cipher there is. So if you feed the output string back into the same algorithm, you end up with the original string with the cipher removed. In other words, it just replaces each alphanumeric in a string that is fed into it with another number.Ĭrucially, the algorithm is reversible. The XOR algorithm is basically a simple substitution cipher. XOR is usually pronounced Ex-or and stands for Exclusive or, a type of mathematical operation used by the XOR cipher.
0 kommentar(er)
