Page 1 of 1
I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 6:15 am
by oscar
I've successfully reverse coding the softether main program,however the problem below remains unanswered:
1.If a cascade connection with NoRouter NoBridge code module inside .c .h file removed,did the actual server still allow the connection?
this means the client/cascading connection module inside softetherVPN which i've changed the source code sends the connect request to a real softether server,but however the router / bridge mode flag is totally removed right from inside the source code,which mean the modified version of the software do not have router bridge session logic at all,and do allow all kinds of communications between the client & server actually in real cases
2.If the target non-modified source code original softetherVPN server receive such connection request,will it discard to request totally because the entire router / bridge flags is omitted duing a VPN session establishing from the client to the server?
And if this is yes,i need to modify both source code on not only the client also the server side
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 6:21 am
by oscar
I can drop the source code here,but please keep an eye here,this is source code not the compliled ones,my os is modified and some system files failed to work,i had to use another cloud VM machine to complie that code
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 6:23 am
by oscar
All [policy items]code blocks are omitted for bypassing policy restrictions on the softether user accounts limits
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 6:25 am
by oscar
This means my modifed version of softether software will never knows what actually a "security policy" actually is!
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 1:51 pm
by solo
The term "reverse" applies to disassembling/decompiling binaries. SoftEther's source code is openly available and there is nothing to reverse here.
Anyway, you're wasting your time, look at "Hub.c":
Code: Select all
// Examine a number of MAC addresses that are registered in this current session
for (i = 0;i < num_pp;i++)
{
MAC_TABLE_ENTRY *e = pp[i];
if (e->Session == s)
{
num_mac_for_me++;
}
}
Free(pp);
limited_count = 0xffffffff;
if (s->Policy->NoBridge)
{
limited_count = MIN(limited_count, MAC_MIN_LIMIT_COUNT);
}
if (s->Policy->MaxMac != 0)
{
limited_count = MIN(limited_count, s->Policy->MaxMac);
}
limited_count = MAX(limited_count, MAC_MIN_LIMIT_COUNT);
if (num_mac_for_me >= limited_count)
{
// Number of MAC addresses that are registered already exceeds the upper limit
char mac_str[64];
if (s != NULL)
{
MacToStr(mac_str, sizeof(mac_str), packet->MacAddressSrc);
if (s->Policy->NoBridge)
{
if (no_heavy == false)
{
HLog(hub, "LH_BRIDGE_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
else
{
if (no_heavy == false)
{
HLog(hub, "LH_MAC_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
}
goto DISCARD_PACKET; // Drop the packet
Let's "reverse" it into essential points:
- Examine a number of MAC addresses that are registered in this current session
- if (s->Policy->NoBridge)
- Number of MAC addresses that are registered already exceeds the upper limit
- goto DISCARD_PACKET; // Drop the packet
So, you can modify SE client all you want but SE server (a VPN Gate you hope for), will reject it.
That said, your objective of sharing a VPN Gate connection can be accomplished by other means:
- Linux
viewtopic.php?f=7&t=67926#p97477
- Windows
viewtopic.php?f=7&t=68422#p99602
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 2:53 pm
by oscar
solo wrote: ↑Fri Mar 13, 2026 1:51 pm
The term "reverse" applies to disassembling/decompiling binaries. SoftEther's source code is openly available and there is nothing to reverse here.
Anyway, you're wasting your time, look at "Hub.c":
Code: Select all
// Examine a number of MAC addresses that are registered in this current session
for (i = 0;i < num_pp;i++)
{
MAC_TABLE_ENTRY *e = pp[i];
if (e->Session == s)
{
num_mac_for_me++;
}
}
Free(pp);
limited_count = 0xffffffff;
if (s->Policy->NoBridge)
{
limited_count = MIN(limited_count, MAC_MIN_LIMIT_COUNT);
}
if (s->Policy->MaxMac != 0)
{
limited_count = MIN(limited_count, s->Policy->MaxMac);
}
limited_count = MAX(limited_count, MAC_MIN_LIMIT_COUNT);
if (num_mac_for_me >= limited_count)
{
// Number of MAC addresses that are registered already exceeds the upper limit
char mac_str[64];
if (s != NULL)
{
MacToStr(mac_str, sizeof(mac_str), packet->MacAddressSrc);
if (s->Policy->NoBridge)
{
if (no_heavy == false)
{
HLog(hub, "LH_BRIDGE_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
else
{
if (no_heavy == false)
{
HLog(hub, "LH_MAC_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
}
goto DISCARD_PACKET; // Drop the packet
Let's "reverse" it into essential points:
- Examine a number of MAC addresses that are registered in this current session
- if (s->Policy->NoBridge)
- Number of MAC addresses that are registered already exceeds the upper limit
- goto DISCARD_PACKET; // Drop the packet
So, you can modify SE client all you want but SE server (a VPN Gate you hope for), will reject it.
That said, your objective of sharing a VPN Gate connection can be accomplished by other means:
- Linux
viewtopic.php?f=7&t=67926#p97477
- Windows
viewtopic.php?f=7&t=68422#p99602
if (s->Policy->NoBridge)
Even router / bridge codes are omitted,what i mean is that client just create a regular VPN Session,but however, in my own version of softether hosted VPS server,i can start a cascade connection,this means that inside cascade connection there's no such thing as router / bridge mode,this just carries out a regular VPN Session without any limitation,hence bypassing the limit
Please note that of course i can use ICS inside windows to pass all limits right away,but because the performance of that Server doing the NAT with ICS is slowed down[which means networking performance is degraded 2 times before starting such a service]
So , mean while doing this
Code: Select all
is perhaps the only way to archive the both:
1.Just use "regular mode" in cascade connection with your own virtual HUB,it will never starts a router / bridge mode session [ the code omitted the required functions]and all policy related restriction will also omitted
2.This do not use ICS in a VPS Host at all,many VPS with softether local bridge enabled or not already have a NAT service running,starting up another do not have anything good to do with performance
3.Perhaps i need to change the data on the wire [ softether protocol networking bits and bytes that will put data on the ethernet wire],and tricks the target server into trusting it's a real softether client / bridge connecting to it [ read my post about FRP in another github project https://github.com/fatedier/frp it appears as a router mode session,but inside FRP we do not have any bit & bytes citing that this is a router / bridge mode session,only softether dicides what mode of session it actually is]
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 3:00 pm
by oscar
solo wrote: ↑Fri Mar 13, 2026 1:51 pm
The term "reverse" applies to disassembling/decompiling binaries. SoftEther's source code is openly available and there is nothing to reverse here.
Anyway, you're wasting your time, look at "Hub.c":
Code: Select all
// Examine a number of MAC addresses that are registered in this current session
for (i = 0;i < num_pp;i++)
{
MAC_TABLE_ENTRY *e = pp[i];
if (e->Session == s)
{
num_mac_for_me++;
}
}
Free(pp);
limited_count = 0xffffffff;
if (s->Policy->NoBridge)
{
limited_count = MIN(limited_count, MAC_MIN_LIMIT_COUNT);
}
if (s->Policy->MaxMac != 0)
{
limited_count = MIN(limited_count, s->Policy->MaxMac);
}
limited_count = MAX(limited_count, MAC_MIN_LIMIT_COUNT);
if (num_mac_for_me >= limited_count)
{
// Number of MAC addresses that are registered already exceeds the upper limit
char mac_str[64];
if (s != NULL)
{
MacToStr(mac_str, sizeof(mac_str), packet->MacAddressSrc);
if (s->Policy->NoBridge)
{
if (no_heavy == false)
{
HLog(hub, "LH_BRIDGE_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
else
{
if (no_heavy == false)
{
HLog(hub, "LH_MAC_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
}
goto DISCARD_PACKET; // Drop the packet
Let's "reverse" it into essential points:
- Examine a number of MAC addresses that are registered in this current session
- if (s->Policy->NoBridge)
- Number of MAC addresses that are registered already exceeds the upper limit
- goto DISCARD_PACKET; // Drop the packet
So, you can modify SE client all you want but SE server (a VPN Gate you hope for), will reject it.
That said, your objective of sharing a VPN Gate connection can be accomplished by other means:
- Linux
viewtopic.php?f=7&t=67926#p97477
- Windows
viewtopic.php?f=7&t=68422#p99602
To trick the server into trusting it's a regular VPN Session to it is unbelievable easy,the regular thinking ways as follows:
1.Client do not send policy "router / bridge" header when creating VPN
2.When received policy header from a server,the client's source code is omitted all the required logic that it had to perform in order to stop the session or drop the packet , furthermore,the client can received the "no_Router" "no_bridge" headers,but still acts as a router / bridge mode session thanks to my source code in my own personal VPS
3.Perhaps you[server side] will drop my packet at the server level,but please note that the client can craft packets just looks like a unmodified SoftEtherVPN client to bypass limits,think how actually https can bypass firewall in this way
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 3:02 pm
by oscar
solo wrote: ↑Fri Mar 13, 2026 1:51 pm
The term "reverse" applies to disassembling/decompiling binaries. SoftEther's source code is openly available and there is nothing to reverse here.
Anyway, you're wasting your time, look at "Hub.c":
Code: Select all
// Examine a number of MAC addresses that are registered in this current session
for (i = 0;i < num_pp;i++)
{
MAC_TABLE_ENTRY *e = pp[i];
if (e->Session == s)
{
num_mac_for_me++;
}
}
Free(pp);
limited_count = 0xffffffff;
if (s->Policy->NoBridge)
{
limited_count = MIN(limited_count, MAC_MIN_LIMIT_COUNT);
}
if (s->Policy->MaxMac != 0)
{
limited_count = MIN(limited_count, s->Policy->MaxMac);
}
limited_count = MAX(limited_count, MAC_MIN_LIMIT_COUNT);
if (num_mac_for_me >= limited_count)
{
// Number of MAC addresses that are registered already exceeds the upper limit
char mac_str[64];
if (s != NULL)
{
MacToStr(mac_str, sizeof(mac_str), packet->MacAddressSrc);
if (s->Policy->NoBridge)
{
if (no_heavy == false)
{
HLog(hub, "LH_BRIDGE_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
else
{
if (no_heavy == false)
{
HLog(hub, "LH_MAC_LIMIT", s->Name, mac_str, num_mac_for_me, limited_count);
}
}
}
goto DISCARD_PACKET; // Drop the packet
Let's "reverse" it into essential points:
- Examine a number of MAC addresses that are registered in this current session
- if (s->Policy->NoBridge)
- Number of MAC addresses that are registered already exceeds the upper limit
- goto DISCARD_PACKET; // Drop the packet
So, you can modify SE client all you want but SE server (a VPN Gate you hope for), will reject it.
That said, your objective of sharing a VPN Gate connection can be accomplished by other means:
- Linux
viewtopic.php?f=7&t=67926#p97477
- Windows
viewtopic.php?f=7&t=68422#p99602
To craft a vpn client that just acts as other clients without policy and limits coding blocks is so easy,the only way is you had to deeply read through the entire source code , and actually tapping all data between a client & a server to see what's actually on the wire[in wireshark]
Re: I've successfully reverse coding the softether main program,but some question arises
Posted: Fri Mar 13, 2026 3:06 pm
by oscar
Drop all {"deny_bridge", 0},
{"deny_routing", 0},
code blocks just do the job,but the most time wasting part is THIS MUST DONE EACH AND EVERY .c .h files,not just only 1 file or component in the project.
And yes this is a reverse engineering work but not for the compliled exe files , and if such code works you may already find a github public link here