1 / 28

GoLang in GoAgent

GoLang in GoAgent. @phuslu 2012/11/10. GoAgent is a Google AppEngine Application HTTP/HTTPS Proxy Written by Python(2011). GoAgent ABC. GoAgent Tricks. HOSTS DNS resolve CRLF Injection HTTPS multiple-connection. GoAgent Tricks - Hosts. GoAgent Tricks - Hosts.

abbott
Télécharger la présentation

GoLang in GoAgent

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. GoLang in GoAgent @phuslu 2012/11/10

  2. GoAgent is a • Google AppEngine Application • HTTP/HTTPS Proxy • Written by Python(2011)

  3. GoAgent ABC

  4. GoAgent Tricks • HOSTS • DNS resolve • CRLF Injection • HTTPS multiple-connection

  5. GoAgent Tricks - Hosts

  6. GoAgent Tricks - Hosts

  7. GoAgent Tricks – TCP DNS resolve

  8. GoAgent Tricks – UDP DNS resolve • Send UDP DNS query to 8.8.8.8/8.8.4.4/168.95.1.1 • Socket recvform 512 bytes DNS answer • If DNS answer in blacklist, goto 2 • blacklist set(['4.36.66.178', '8.7.198.45', '37.61.54.158', '46.82.174.68', '59.24.3.173', '64.33.88.161', '64.33.99.47', '64.66.163.251‘, ‘…’] • If DNS answer not in blacklist, return

  9. GoAgent Tricks – CRLF Inection

  10. GoAgent Tricks– new CRLF Inection

  11. GoAgent Tricks – HTTPS Connect

  12. Go is a • New • Experimental • Concurrent • Garbage-Collected • Systems Language.

  13. Why a new language? • Go fast! • Make programming fun again. • No new major systems language in a decade. But much has changed: - sprawling libraries & dependency chains - dominance of networking - client/server focus - massive clusters - the rise of multi-core CPUs • Major systems languages were not designed with all these factors in mind.

  14. Why move to GoLang? • Fast • Native. • More Standard Libs. • GoRoutine • Multi-Core support?

  15. Why move to GoLang - Fast • Fast Event Loop • Epoll/IOCP backend in Linux/Windows • Flat net/http package • Static Type • Find out error in compiling time • Run faster in runtime

  16. Why move to GoLang - Native • Standalone • No Runtime • No Dependency • Small • 1 M bytes in windows

  17. Why move to GoLang - Standard Libs • crypto/x509 VS pyOpenSSL • Same points: • Issue key/certs • Difference: • crypto/x509 is a standard and pure golang lib, no dependency • pyOpenSSL is a 3rd python lib and based on openssl-devel • Conclusion: • pyOpenSSL is hard to integrate • pyOpenSSL must be built in on every platform

  18. Why move to GoLang - Standard Libs • index/suffixarray VS str.endswith • Same points: • Judge a domain is a google domain family or not • Python Example:

  19. Why move to GoLang - Standard Libs • index/suffixarray VS str.endswith • Same points: • Judge a domain is a google domain family or not • GoLang Example:

  20. Why move to GoLang - Standard Libs • index/suffixarray VS str.endswith • Same points: • Judge a domain is a google domain family or not • Conclusion: • index/suffixarray is a killer feature for goagent

  21. Why move to GoLang - Standard Libs • What’s more • net/http vs SimpleHTTPServer • log/syslog vs python-logging • crypto/rc4 vs python-rc4 • … • Conclusion: • golang standard libs are effective for networking programing

  22. Why move to GoLang - GoRoutine • Python Example

  23. Why move to GoLang - GoRoutine • GoLang Example

  24. Why move to GoLang – GoRoutine • Conclusion: • GoAgent could connect GAE more faster by using goroutine

  25. Why move to GoLang – Multi-core • Python threading vs GoLang goroutine • Python threading is limited by GIL • GoLang runtime.GOMAXPROCS(NCPU) could enable multi-core support on the fly. • Scenarios? • https/openssl • rc4/lzw

  26. CONCLUSION • GoLang is a fast, native and effective language • Golang makes networking programming easier. • Goroutine is a killer language feature. • Want to try it?Want to help?Want to build libraries or tools? http://golang.org

  27. Any Queries??

More Related