rr-dev/README.md

# rr-dev

1. start http/2 enabled nginx server:
```
cd server
docker compose up -d
```

2. start capturing traffic in wireshark

3. run poc script:
```
python rr.py
```

4. decode traffic in wireshark using `ssl-keylog.log` as the ssl keyfile
5. compare against the cloudflare blog notes (unless you have the pcap which seems to be gone now)

## notes
no clue if this actually works, but it seems to match the same behavior
mentioned in the cloudflare blog.

obviously to weaponize it, it will take some extra effort like multithreading but i sure as fuck
am not releasing a weaponized version fo free.

greets to psyk0, slerig, and all the other juggalols out there
Initial commit with HTTP/2 server 2023-10-11 20:58:22 +00:00			`# rr-dev`

Add PoC 2023-10-11 23:26:30 +00:00			`1. start http/2 enabled nginx server:`
Initial commit with HTTP/2 server 2023-10-11 20:58:22 +00:00			```
			`cd server`
			`docker compose up -d`
			```

Add PoC 2023-10-11 23:26:30 +00:00			`2. start capturing traffic in wireshark`

			`3. run poc script:`
			```
			`python rr.py`
Initial commit with HTTP/2 server 2023-10-11 20:58:22 +00:00			```
Add PoC 2023-10-11 23:26:30 +00:00
			4. decode traffic in wireshark using `ssl-keylog.log` as the ssl keyfile
Update README.md 2023-10-11 23:29:14 +00:00			`5. compare against the cloudflare blog notes (unless you have the pcap which seems to be gone now)`
Add PoC 2023-10-11 23:26:30 +00:00
			`## notes`
			`no clue if this actually works, but it seems to match the same behavior`
			`mentioned in the cloudflare blog.`

Update README.md 2023-10-11 23:29:14 +00:00			`obviously to weaponize it, it will take some extra effort like multithreading but i sure as fuck`
			`am not releasing a weaponized version fo free.`

Add PoC 2023-10-11 23:26:30 +00:00			`greets to psyk0, slerig, and all the other juggalols out there`