• Stars
    star
    311
  • Rank 134,463 (Top 3 %)
  • Language
    Shell
  • License
    GNU General Publi...
  • Created over 5 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A one-key script to setup Cloak plugin with Shadowsocks on your server

Cloak Installer With Shadowsocks

A script to install Cloak in your server with or without shadowsocks.

Why this installer?

  • Install with some simple copy and pasting
  • Install Shadowsocks if you want it
  • Show QRCode and ss:// link at the end (Only for shadowsocks)
  • User Management
  • Automatic service configuration
  • Automatically setup firewall
  • Support Debian, Ubuntu, CentOS and Raspbian Buster

What is Cloak?

Cloak is a universal pluggable transport that cryptographically obfuscates proxy traffic as legitimate HTTPS traffic, disguises the proxy server as a normal web server, multiplexes traffic through multiple TCP connections and provides multi-user usage control.

Cloak eliminates any "fingerprints" exposed by traditional proxy protocol designs which can be identified by adversaries through deep packet inspection. If a non-Cloak program or an unauthorized Cloak user (such as an adversary's prober) attempts to connect to Cloak server, it will serve as a transparent proxy between said machine and an ordinary website, so that to any unauthorized third party, a host running Cloak server is indistinguishable from an innocent web server. This is achieved through the use a series of cryptographic steganography techniques.

Since Cloak is transparent, it can be used in conjunction with any proxy software that tunnels traffic through TCP, such as Shadowsocks, OpenVPN and Tor. Multiple proxy servers can be running on the same server host machine and Cloak server will act as a reverse proxy, bridging clients with their desired proxy end.

Cloak multiplexes traffic through multiple underlying TCP connections which reduces head-of-line blocking and eliminates TCP handshake overhead.

Cloak provides multi-user support, allowing multiple clients to connect to the proxy server on the same port (443 by default). It also provides QoS controls for individual users such as data usage limit and bandwidth control. source

The Script

Compatibility

The script should work with these operating systems:

  • CentOS 7 / 8
  • Debian 8 / 9 / 10 / 11 (Thanks to @xiamaz)
  • Ubuntu 16 / 18 / 20
  • Raspbian Buster (Thanks to Raphael)

arm, arm64, amd64 and i386 architectures are supported.

Tested On (I will test others too)

  • Ubuntu 20.04 LTS Server amd64
  • Debian 11 amd64
  • Centos 7 amd64
  • Raspbian Buster

Installing Cloak 2 Plugin

Copy and execute this command:

curl -o Cloak-Installer.sh -L https://git.io/fj5mh && bash Cloak-Installer.sh

Answer questions and wait until the setup finishes installing. Installing the shadowsocks is optional.

Install Openvpn or Tor with Cloak

Please read here. The tutorial is just fine! It is recommended to install the openvpn or tor before installing my script.

Also here is an script to install openvpn.

After you set up the openvpn or tor, re-run the script. If you had the Cloak installed, you can use Change Forwarding Rules to add the address to proxy. If you are installing, when the script asks for custom rule, select yes and define it there.

Post-Install

After installing, re-run the script to either uninstall the proxy, add or delete users, generate QR codes for shadowsocks, or change the forwarding rules.

Also script creates a service named cloak-server.

Installing Shadowsocks With Cloak 1 Plugin

Copy and execute this command:

curl -o Shadowsocks-Cloak-Installer.sh -L https://git.io/fjECg && bash Shadowsocks-Cloak-Installer.sh

Answer questions and wait until the setup finishes installing. You can scan the QR Code after or use ss:// link or even enter server config manually.

Post-Install

After installing, re-run the script to either uninstall the proxy or regenerate QR code and ss:// link and configs.

Also script creates a service named shadowsocks-server. DO NOT USE shadowsocks-libev service.

Shadowsocks Client Setup

Android

On Android at first download shadowsocks client from Google Play. Then download and install Cloak APK from here. Then simply scan the QR Code generated by script.

Linux

At first install shadowsocks-libev. More Info. Download this file and edit it with your server arguments. Then download one of the clients suitable for your linux from here (You may need to run chmod +x ck-client-linux-XXX to make it executable). Run client like this:

ss-local -s <SERVER_IP> -p <SERVER_PORT> -l 1080 -k <SERVER_PASSWORD> -m <ENCRYPTION_METHOD> --plugin path/to/ck-client-linux-XXX --plugin-opts path/to/ckclient.json

You can connect to your shadowsocks with socks or http proxy set on localhost and 1080 port.

iOS

It looks like that this app does support cloak but I haven't tested it.

Windows

At first install shadowsocks windows. Then download cloak for windows from here. If you are using a 32-bit system, download ck-client-windows-386-X.exe if your system is 64-bit use ck-client-windows-amd64-X.exe. Then use the QR Code or ss:// link to import the server.

The program will give you an error that shadowsocks cannot find ck-client or something like this. Click OK and go to Edit Servers. Then write the absolute path to ck-client file in Plugin Program. Example of path: C:\Users\Hirbod\Downloads\Programs\ck-client-windows-amd64-2.1.3.exe

Non-Shadowsocks Client Setup

At first download the suitable plugin from here. Then download the ckclient.json and change it as you need it. link. Then run the ck-client like this:

./ck-client -s <YOUR_SERVER_IP> -p <CLOAK_PORT> -l <LOCAL_PORT> -c <PATH_TO_ckclient_json>

If you need to setup Tor or Openvpn with Cloak read here

Next Steps

FAQ

Cloak V1 FAQ

Cloak V2 FAQ (Soon...)

BBR

At first what is BBR?

TL;DR: It speeds up TCP connections = Faster Server

BBR or Bottleneck Bandwidth and Round-trip propagation time (BBR) is a TCP congestion control algorithm developed at Google in 2016. While most congestion control algorithms are loss-based, in that they rely on packet loss as a signal to lower rates of transmission, BBR is model-based. The algorithm uses the maximum bandwidth and round-trip time at which the network delivered the most recent flight of outbound data packets to build an explicit model of the network. Each cumulative or selective acknowledgment of packet delivery produces a rate sample which records the amount of data delivered over the time interval between the transmission of a data packet and the acknowledgment of that packet. As network interface controllers evolve from megabit per second to gigabit per second performance, packet loss should no longer be considered the primary determining factor in identifying congestion, making model-based congestion control algorithms which provide higher throughput and lower latency, such as BBR, a more reliable alternative to more popular algorithms like CUBIC. Source

How to setup BBR?

The requirement to enable BBR is to have Linux Kernel 4.9 or higher. If you do, you can enable BBR like this:

echo 'net.core.default_qdisc=fq' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv4.tcp_congestion_control=bbr' | sudo tee -a /etc/sysctl.conf
sysctl -p

To check if it is enabled:

sysctl net.ipv4.tcp_available_congestion_control
# This should include bbr in it
sysctl -n net.ipv4.tcp_congestion_control
# This one should be bbr
lsmod | grep bbr
# The output will be similar to "tcp_bbr 16384 0"

If your kernel is not 4.9 or higher just search how to upgrade it.

Here are some handy links to install BBR and upgrade kernel:

CentOS

Ubuntu 16 and 17

Whole System Tunnel VPN

Shadowsocks cannot natively route all traffic. You can use some apps like SocksCap or other stuff to route applications through shadowsocks.

If you want a VPN you can use wireguard or openvpn.

Server

You can use any VPS or Dedicated Server. If you want a cheap and low-end server, I personally recommend to buy one at Virmach; They also accept cryptos!

Donations

You can donate to me through bitcoin at 1XDgEkpnkJ7hC8Kwv5adfaDC1Z3FrkwsK, Ethereum at 0xbb527a28B76235E1C125206B7CcFF944459b4894, ZCash at t1ZKYrYZCjxDYvo6mQaLZi3gNe2a6MydUo3 and Bitcoin Gold at GcNgxfyR3nnAsD3Nhuckvq14sXYuDFkK9P

More Repositories

1

MTProtoProxyInstaller

One-click script to install MTProto Proxy server on CentOS, Ubuntu and Debian
Shell
598
star
2

RedditDownloaderBot

A reddit downloader telegram bot
Go
62
star
3

V2Ray-Installer

A simple script to install v2fly/xray on servers
Shell
37
star
4

PortForwarder

A small program to forward TCP traffic with QoS options
Go
33
star
5

file2url-go

A Telegram bot to convert files to URL for direct download links.
Go
20
star
6

Downloader-Bot

A bot to download the files from internet and send them through Telegram
C#
17
star
7

Traffic-Trisect-Iran

Learn how to pay less for your downloads in Iran
Go
12
star
8

FileToUrl-Bot

A Telegram bot to convert files to URL without disk usage
Python
11
star
9

CaptchaBot

Share your links or texts with a Captcha via a Telegram Bot
Go
10
star
10

TelegramToVCF

Export your Telegram contacts as VCF
Go
7
star
11

Proxy-Switcher

A program to help you switch system proxies faster on windows
C#
6
star
12

X25519-CSharp

A small library to do X25519 key agreement in C#
C#
5
star
13

Deemix-Bot

A simple Telegram bot to download tracks using Deemix
Go
5
star
14

skyroom-recorder-compressor

A small GUI program to compress recorded classes of Skyroom using FFMpeg
Python
5
star
15

VideoArchiveBot

A Telegram bot which you can use to archive videos of classes
C#
4
star
16

URL-Shorter

A small application to shorten URLs
C#
3
star
17

TelegramFileUploader

A program to upload large files to Telegram with automatic metadata extraction
Go
3
star
18

QueraGradeExtractor

Extract Quera grades for a scoresheet based on Quera's excel output
C#
3
star
19

IP-Sender-Go

A simple Telegram bot to send your IP on it
Go
3
star
20

SecureForwarder

Securly forward your packets over the internet (FOR TESTING ONLY)
Go
3
star
21

IP-Sender

Send your IP public address via a telegram bot.
C#
3
star
22

Warp-Bot

A telegram bot that helps you get free warp wireguard profiles
Go
3
star
23

Shift-Forwarder

A small and stupid way to maybe, just maybe escape DPI
Go
3
star
24

MailGatherBot

A Telegram bot to gather emails from users in a group for a purpose.
Go
2
star
25

TehranAirNowBot

A small bot to fetch statics from https://airnow.tehran.ir/
Go
2
star
26

Paste-Ubuntu-Bot

A dead simple Telegram bot to share texts on http://paste.ubuntu.com
Go
2
star
27

CE-Site

HTML
2
star
28

PasswordGeneratorBot

A simple bot to generate random passwords
Go
2
star
29

Forward-Crypter

A program to encrypt and forward packets via websocket
Go
2
star
30

Webdev-1401

Assignments of Webdev course of Sharif University of Technology Fall 2022
HTML
2
star
31

File-Name-Obfuscate

Obfuscates all file names in a folder
C#
2
star
32

TelegramUploader

An app to upload large file (upto 1.5GB) to Telegram via command line
C#
2
star
33

KeepE-E-Server

Keep expanded and enhanced server application
Go
2
star
34

OS-Assignments

TeX
1
star
35

FilesToTarBot

A Telegram bot to convert a list of files to a single tar file
Go
1
star
36

UdpHolePunching

UDP hole punching POC written in Golang
Go
1
star
37

NowDNS-Client

The now-dns.com client written in Golang.
Go
1
star
38

InstaDownloader

Simple Instagram downloader
Java
1
star
39

Deemix-Discord-Bot

Discord bot to play music using deemix
Go
1
star
40

IP-Sender-Net-Core

IP Sender Telegram Bot in .Net Core
C#
1
star
41

Ram-Memory

Temporary store data in your RAM
C#
1
star
42

EasyX25519

A small library to make working with X25519 key agreement algorithm easier
Go
1
star
43

Encrypher

A way to encrypt any file.
C++
1
star
44

hacknet-decypher-screensaver

A screensaver like Hacknet's decypher program with ncurses
C
1
star
45

Secure-Chat-Server

Nothing to see here. Clients will be released later
Go
1
star
46

CSharpRandom

A library to use C# random class in Golang to create same numbers with a given seed
Go
1
star
47

ASM-Tookit

A CLI application to simulate running ASM charts and generating Verilog code from them.
C#
1
star
48

Password-Generator-Bot-Rust

Small telegram bot to generate random passwords.
Rust
1
star
49

Simple-Link-Shortener

A very simple link shortener written in GO
Go
1
star
50

ArabicFilenameFixer

Replace Arabic letters in your filenames with Persian letters
C#
1
star