{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations","id":"44946","self":"https://jira.geedge.net/rest/api/2/issue/44946","key":"OSS-316","fields":{"issuetype":{"self":"https://jira.geedge.net/rest/api/2/issuetype/10003","id":"10003","description":"事务的子任务。","iconUrl":"https://jira.geedge.net/secure/viewavatar?size=xsmall&avatarId=10316&avatarType=issuetype","name":"子任务","subtask":true,"avatarId":10316},"parent":{"id":"45041","key":"OSS-322","self":"https://jira.geedge.net/rest/api/2/issue/45041","fields":{"summary":"【M22项目】VPN特征提取","status":{"self":"https://jira.geedge.net/rest/api/2/status/10100","description":"此问题正在被经办人积极处理。","iconUrl":"https://jira.geedge.net/images/icons/status_generic.gif","name":"处理中","id":"10100","statusCategory":{"self":"https://jira.geedge.net/rest/api/2/statuscategory/4","id":4,"key":"indeterminate","colorName":"yellow","name":"处理中"}},"priority":{"self":"https://jira.geedge.net/rest/api/2/priority/3","iconUrl":"https://jira.geedge.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"},"issuetype":{"self":"https://jira.geedge.net/rest/api/2/issuetype/10002","id":"10002","description":"需要完成的任务。","iconUrl":"https://jira.geedge.net/secure/viewavatar?size=xsmall&avatarId=10318&avatarType=issuetype","name":"任务","subtask":false,"avatarId":10318}}},"components":[],"timespent":null,"timeoriginalestimate":null,"description":"1、Betternet VPN特征提取\r\n\r\n2、可以使用44.228环境进行特征提取，BJ环境进行误封测试\r\n\r\n3、[https://docs.geedge.net/pages/viewpage.action?pageId=129101971]\r\n\r\n4、[~niuchang] 和[~wangshiyang] 一起进行这个软件的特征提取","project":{"self":"https://jira.geedge.net/rest/api/2/project/10204","id":"10204","key":"OSS","name":"On-site Support","projectTypeKey":"business","avatarUrls":{"48x48":"https://jira.geedge.net/secure/projectavatar?pid=10204&avatarId=10716","24x24":"https://jira.geedge.net/secure/projectavatar?size=small&pid=10204&avatarId=10716","16x16":"https://jira.geedge.net/secure/projectavatar?size=xsmall&pid=10204&avatarId=10716","32x32":"https://jira.geedge.net/secure/projectavatar?size=medium&pid=10204&avatarId=10716"},"projectCategory":{"self":"https://jira.geedge.net/rest/api/2/projectCategory/10002","id":"10002","description":"系统运维","name":"MaintenanceDev"}},"fixVersions":[],"aggregatetimespent":null,"resolution":{"self":"https://jira.geedge.net/rest/api/2/resolution/10000","id":"10000","description":"该问题的工作流程已完成。","name":"完成"},"timetracking":{},"customfield_10401":null,"customfield_10104":null,"customfield_10402":null,"customfield_10105":"0|i05rvo:","customfield_10403":null,"customfield_10404":null,"attachment":[],"aggregatetimeestimate":null,"resolutiondate":"2024-08-07T18:18:16.298+0800","workratio":-1,"summary":"【M22项目】Betternet VPN特征提取","lastViewed":null,"watches":{"self":"https://jira.geedge.net/rest/api/2/issue/OSS-316/watchers","watchCount":2,"isWatching":false},"creator":{"self":"https://jira.geedge.net/rest/api/2/user?username=niuxiang","name":"niuxiang","key":"JIRAUSER10114","emailAddress":"niuxiang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10349","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10349","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10349","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10349"},"displayName":"牛翔","active":true,"timeZone":"Asia/Shanghai"},"subtasks":[],"created":"2024-07-16T09:31:15.772+0800","reporter":{"self":"https://jira.geedge.net/rest/api/2/user?username=niuxiang","name":"niuxiang","key":"JIRAUSER10114","emailAddress":"niuxiang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10349","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10349","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10349","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10349"},"displayName":"牛翔","active":true,"timeZone":"Asia/Shanghai"},"customfield_10000":"{summaryBean=com.atlassian.jira.plugin.devstatus.rest.SummaryBean@5b65267c[summary={pullrequest=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@12eeeac5[overall=PullRequestOverallBean{stateCount=0, state='OPEN', details=PullRequestOverallDetails{openCount=0, mergedCount=0, declinedCount=0}},byInstanceType={}], build=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@d930f8e[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BuildOverallBean@68ce643b[failedBuildCount=0,successfulBuildCount=0,unknownBuildCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], review=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@c918354[overall=com.atlassian.jira.plugin.devstatus.summary.beans.ReviewsOverallBean@4fe33314[stateCount=0,state=<null>,dueDate=<null>,overDue=false,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], deployment-environment=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@5a19ba19[overall=com.atlassian.jira.plugin.devstatus.summary.beans.DeploymentOverallBean@41edf2dd[topEnvironments=[],showProjects=false,successfulCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], repository=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@41e64297[overall=com.atlassian.jira.plugin.devstatus.summary.beans.CommitOverallBean@174ba22c[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], branch=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@950bae[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BranchOverallBean@2e407a7b[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}]},errors=[],configErrors=[]], devSummaryJson={\"cachedValue\":{\"errors\":[],\"configErrors\":[],\"summary\":{\"pullrequest\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":\"OPEN\",\"details\":{\"openCount\":0,\"mergedCount\":0,\"declinedCount\":0,\"total\":0},\"open\":true},\"byInstanceType\":{}},\"build\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"failedBuildCount\":0,\"successfulBuildCount\":0,\"unknownBuildCount\":0},\"byInstanceType\":{}},\"review\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":null,\"dueDate\":null,\"overDue\":false,\"completed\":false},\"byInstanceType\":{}},\"deployment-environment\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"topEnvironments\":[],\"showProjects\":false,\"successfulCount\":0},\"byInstanceType\":{}},\"repository\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}},\"branch\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}}}},\"isStale\":false}}","aggregateprogress":{"progress":0,"total":0},"customfield_10100":null,"priority":{"self":"https://jira.geedge.net/rest/api/2/priority/3","iconUrl":"https://jira.geedge.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"},"customfield_10200":null,"customfield_10400":null,"labels":[],"environment":null,"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"duedate":"2024-07-19","progress":{"progress":0,"total":0},"issuelinks":[],"comment":{"comments":[{"self":"https://jira.geedge.net/rest/api/2/issue/44946/comment/83382","id":"83382","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=niuchang","name":"niuchang","key":"JIRAUSER11815","emailAddress":"Niuchang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER11815&avatarId=12002","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER11815&avatarId=12002","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER11815&avatarId=12002","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER11815&avatarId=12002"},"displayName":"钮昌","active":true,"timeZone":"Asia/Shanghai"},"body":"使用fiddler解密，发现4个获取节点通信域名，但返回为加密内容，使用协议为wireguard，Hydra(自有协议，使用tls1.2且伪造域名)，IKEv2，Hydra可使用ja3完全阻断，且阻断后会不断连接新节点，因此先使用这种方案提取Hydra节点，已有3400余个。\r\n钮昌完成工作：VPN通信方式分析，节点提取方案研究与验证，提取fqdn特征4个，serverip特征1100余个。\r\n王世杨完成工作：VPN Android端、IOS端、PC端抓包与协议分析，系统内置wireguard协议阻断该VPN验证，提取serverip特征2300余个。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=niuchang","name":"niuchang","key":"JIRAUSER11815","emailAddress":"Niuchang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER11815&avatarId=12002","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER11815&avatarId=12002","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER11815&avatarId=12002","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER11815&avatarId=12002"},"displayName":"钮昌","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-07-16T18:01:33.320+0800","updated":"2024-07-16T18:01:33.320+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/44946/comment/83414","id":"83414","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=wangshiyang","name":"wangshiyang","key":"JIRAUSER11703","emailAddress":"wangshiyang@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=32"},"displayName":"王世杨","active":true,"timeZone":"Asia/Shanghai"},"body":"继续使用ja3阻断Hydra协议，提取server ip 8078个（包含昨日3400个），发现window版本IKEv2协议穿透，抓包发现使用源端口与目的端口为500、4500端口通信，使用源地址+500、4500端口和任何地址+500、4500端口下策略阻断，提取server ip 269个；\r\n\r\n钮昌完成工作：编写window自动化脚本，不断点击VPN连接按钮，且阻断后会不断连接新节点，提取serverip特征2400余个。\r\n\r\n王世杨完成工作：VPN PC端IKEv2协议分析，系统内置isakmp协议阻断该VPN验证，提取serverip特征2400余个。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=wangshiyang","name":"wangshiyang","key":"JIRAUSER11703","emailAddress":"wangshiyang@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=32"},"displayName":"王世杨","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-07-17T18:36:18.491+0800","updated":"2024-07-17T18:36:18.491+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/44946/comment/83445","id":"83445","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=wangshiyang","name":"wangshiyang","key":"JIRAUSER11703","emailAddress":"wangshiyang@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=32"},"displayName":"王世杨","active":true,"timeZone":"Asia/Shanghai"},"body":"继续使用ja3阻断Hydra协议，提取server ip 9000余个；\r\n\r\n钮昌完成工作：编写脚本从会话日志中筛选serverip追加到IP列表中，提取serverip特征500余个。\r\n\r\n王世杨完成工作：编写自动化脚本，测试特征效果，提取serverip特征500余个。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=wangshiyang","name":"wangshiyang","key":"JIRAUSER11703","emailAddress":"wangshiyang@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/843f474d6d0106ca4f850089e69a1011?d=mm&s=32"},"displayName":"王世杨","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-07-18T18:23:55.904+0800","updated":"2024-07-18T18:23:55.904+0800"}],"maxResults":3,"total":3,"startAt":0},"votes":{"self":"https://jira.geedge.net/rest/api/2/issue/OSS-316/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"assignee":{"self":"https://jira.geedge.net/rest/api/2/user?username=niuchang","name":"niuchang","key":"JIRAUSER11815","emailAddress":"Niuchang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER11815&avatarId=12002","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER11815&avatarId=12002","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER11815&avatarId=12002","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER11815&avatarId=12002"},"displayName":"钮昌","active":true,"timeZone":"Asia/Shanghai"},"updated":"2024-08-07T18:18:16.299+0800","status":{"self":"https://jira.geedge.net/rest/api/2/status/10102","description":"","iconUrl":"https://jira.geedge.net/images/icons/status_generic.gif","name":"完成","id":"10102","statusCategory":{"self":"https://jira.geedge.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"完成"}}}}