Last active
December 28, 2025 04:25
Conversation with ChatGPT
| # CB CoreEngine — R&D Summary (Malaysia Telco Reality) | |
| ## 1. Project Background | |
| CB (Companion Bot) was built to help the stability & probability of incoming orders for the Panda app (food delivery). | |
| Original idea: | |
| - Sniff Panda traffic (using PCAPdroid) | |
| - Identify the hosts / patterns of incoming orders | |
| - Keep the network in a “warm & stable” state | |
| Reality: | |
| - Manual VPN tunneling (tun2socks / custom forwarder) **FAILED** | |
| - Panda has no internet even though the VPN shows green | |
| - TCP connections always get an **early RST / FIN** | |
| --- | |
| ## 2. Why tun2socks & the custom VPN FAILED | |
| ### Observation: | |
| - UDP works (DNS, small packets) | |
| - TCP handshake OK | |
| - TLS ClientHello sent OK | |
| - Server replies with **only 7 bytes → RST / FIN** | |
| ### Conclusion: | |
| This is **NOT merely a code bug**, but: | |
| - TCP stack incomplete | |
| - No proper TCP state machine | |
| - Sequence / ACK / Window mismatch | |
| - TLS server (CloudFront / Akamai / Perseus) **rejects** | |
| > tun2socks ≠ a sniffing solution | |
| > tun2socks = redirects traffic, it does not emulate a full TCP/IP stack | |
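The sequence / ACK mismatch named in the conclusion can be checked directly against a capture of the forwarder's traffic. The following is an added example, not code from the project: the `Seg` tuple, `audit_flow` and both sample flows are constructed for illustration, it covers sequence and ACK numbers only (not the window), and genuine retransmissions in a capture will also be reported as sequence mismatches.

```python
from typing import NamedTuple

MOD = 1 << 32  # TCP sequence numbers wrap at 2**32


class Seg(NamedTuple):
    src: str     # "c" = client side of the tunnel, "s" = server side
    seq: int
    ack: int
    flags: str   # any of "S", "A", "F", "P"
    length: int  # TCP payload bytes


def audit_flow(segments):
    """Return (index, problem) pairs for seq/ack inconsistencies in one flow."""
    next_seq = {}   # per side: the sequence number its next segment must carry
    problems = []
    for i, s in enumerate(segments):
        peer = "s" if s.src == "c" else "c"
        if "S" not in s.flags and s.src in next_seq and s.seq != next_seq[s.src]:
            problems.append((i, f"seq {s.seq}, expected {next_seq[s.src]}"))
        if "A" in s.flags and peer in next_seq:
            ahead = (s.ack - next_seq[peer]) % MOD
            if 0 < ahead < MOD // 2:
                problems.append((i, f"ack {s.ack} is {ahead} bytes past peer's data"))
        # SYN and FIN each consume one sequence number; payload consumes its length.
        consumed = s.length + ("S" in s.flags) + ("F" in s.flags)
        next_seq[s.src] = (s.seq + consumed) % MOD
    return problems


# Constructed flows: handshake, a 517-byte ClientHello, then the server's reply.
GOOD = [Seg("c", 1000, 0, "S", 0), Seg("s", 5000, 1001, "SA", 0),
        Seg("c", 1001, 5001, "A", 0), Seg("c", 1001, 5001, "PA", 517),
        Seg("s", 5001, 1518, "A", 0)]
# Same start, but the forwarder then acks 2 bytes too many and jumps its own seq.
BROKEN = GOOD[:4] + [Seg("s", 5001, 1518, "PA", 7),
                     Seg("c", 1518, 5010, "A", 0),
                     Seg("c", 1600, 5008, "PA", 10)]

if __name__ == "__main__":
    for name, flow in (("good", GOOD), ("broken", BROKEN)):
        print(name, audit_flow(flow))
```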
| --- | |
| ## 3. Why PCAPdroid CAN sniff | |
| PCAPdroid: | |
| - Uses **VpnService** | |
| - **Does NOT forward traffic** | |
| - The Android kernel handles TCP/IP entirely | |
| - The app only READS packets (TUN read-only) | |
| Key point: | |
| > PCAPdroid **does not interfere with TCP** | |
| > which is why the target app keeps its internet access | |
| Their native `.so`: | |
| - Is for parsing & exporting packets | |
| - NOT a TCP engine | |
| 👉 That is why “downloading PCAPdroid's native library” **does not solve the forwarding problem** | |
| --- | |
| ## 4. Most Important Discovery (BREAKTHROUGH) | |
| ### Actual pattern (Chrome & Panda): | |
| - Connect → OK | |
| - Send data → OK | |
| - Small response (7 bytes) | |
| - Immediate **RST / FIN** | |
| Meaning: | |
| > The server detects that the connection is **NOT NORMAL** | |
| > and force-closes it | |
| This is consistent with: | |
| - CDN security | |
| - Anti MITM | |
| - Anti proxy / tunnel | |
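A 7-byte reply to a ClientHello is exactly the size of a plaintext TLS alert record (5-byte record header plus a 2-byte alert), so decoding those bytes from the capture shows what the server actually objected to. The following is an added example, not part of the original notes: the notes do not say what the 7 bytes contained, and `classify_reply` and the sample byte strings are constructed for illustration.

```python
import struct

# Subset of alert descriptions from the TLS 1.2 / 1.3 specifications.
ALERTS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
          40: "handshake_failure", 47: "illegal_parameter", 50: "decode_error",
          70: "protocol_version", 71: "insufficient_security",
          80: "internal_error", 109: "missing_extension",
          112: "unrecognized_name", 120: "no_application_protocol"}
LEVELS = {1: "warning", 2: "fatal"}
RECORD_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake",
                23: "application_data"}


def classify_reply(data: bytes) -> dict:
    """Classify the first TLS record in a server reply copied from a capture."""
    if len(data) < 5:
        return {"kind": "truncated", "detail": "shorter than a record header"}
    rtype, major, _minor, length = struct.unpack("!BBBH", data[:5])
    if rtype not in RECORD_TYPES or major != 3:
        return {"kind": "not_tls", "detail": "no TLS record header at offset 0"}
    body = data[5:5 + length]
    if len(body) < length:
        return {"kind": "truncated",
                "detail": f"record declares {length} bytes, capture has {len(body)}"}
    if rtype == 21 and length == 2:
        # Plaintext alert: 5-byte header + level + description = 7 bytes total.
        return {"kind": "alert",
                "level": LEVELS.get(body[0], f"unknown({body[0]})"),
                "description": ALERTS.get(body[1], f"unknown({body[1]})")}
    return {"kind": RECORD_TYPES[rtype], "detail": f"{length}-byte record"}


# Constructed sample replies (not taken from the project's captures).
SAMPLES = {
    "fatal handshake_failure": bytes.fromhex("15030300020228"),
    "fatal decode_error": bytes.fromhex("15030300020232"),
    "start of a ServerHello": bytes.fromhex("160303005a0200"),
    "plain HTTP, not TLS": b"HTTP/1.",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:26} {raw.hex():16} {classify_reply(raw)}")
```

An alert such as `decode_error` or `illegal_parameter` points at a ClientHello that arrived damaged, while `handshake_failure` or `protocol_version` points at a parameter mismatch instead.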
| --- | |
| ## 5. The real hypothesis: why orders come in more easily when PCAP is ON | |
| Not because of “pinging the perseus host”. | |
| More precisely: | |
| - PCAPdroid VPN → **stable network path** | |
| - Connection reuse (keep-alive) becomes more consistent | |
| - The network stack stays active | |
| - The LTE radio does not drop into aggressive idle | |
| - DNS resolution does not reset | |
| ➡️ **A “warm” network > packet manipulation** | |
| --- | |
| ## 6. Big Pivot: Drop the VPN, create CoreEngine (CE) | |
| CB is redesigned: | |
| - ❌ No VPN tunnel | |
| - ❌ No packet forwarding | |
| - ❌ No MITM | |
| ### CoreEngine Objective: | |
| > Maintain optimal network conditions | |
| > WITHOUT touching the payload | |
| --- | |
| ## 7. CoreEngine Responsibilities | |
| ### Network Layer: | |
| - Keep the LTE/WiFi radio active | |
| - Avoid aggressive idle | |
| - Avoid DNS cache resets | |
| - Avoid TCP cold starts | |
| ### System Layer: | |
| - Partial wakelock | |
| - Foreground network request | |
| - Prevent the system from killing the app | |
| ### GPS Layer: | |
| - Lock location | |
| - Reduce jitter | |
| - Keep accuracy stable while orders come in | |
| --- | |
| ## 8. DNS Strategy (Malaysian Telco Reality) | |
| Facts: | |
| - Malaysian telcos throttle / degrade silently | |
| - Popular DNS (1.1.1.1, 8.8.8.8) is overloaded | |
| ### Design: | |
| CB uses a **DNS changer style (NON-VPN)** | |
| UI: | |
| - Button **ON A** → DNS A (custom, stable) | |
| - Button **ON B** → DNS B (1.1.1.1 fallback) | |
| - Button **OFF** → restore default | |
| Important: | |
| - DNS applies **system-wide** | |
| - Panda's DNS is NOT isolated | |
| - Focus is on **path stability**, not privacy | |
| --- | |
| ## 9. Why NOT isolate Panda's DNS | |
| Android: | |
| - No per-app DNS without a VPN | |
| - VPN = the same old problems all over again | |
| Decision: | |
| > Better a **stable global DNS** | |
| > than a broken per-app DNS | |
| --- | |
| ## 10. CB's New Role | |
| CB is not: | |
| - VPN | |
| - Proxy | |
| - Packet manipulator | |
| CB is: | |
| > **Network Conditioning Engine** | |
| It: | |
| - Warms up the network | |
| - Maintains consistency | |
| - Reduces jitter & resets | |
| --- | |
| ## 11. Button Workflow (Updated) | |
| ### ON A / ON B: | |
| - Activate CoreEngine | |
| - Apply DNS | |
| - Enable wakelock | |
| - Stabilize GPS | |
| - Toast: “CoreEngine Active” | |
| ### OFF: | |
| - Force stop Panda | |
| - Release wakelock | |
| - Restore DNS | |
| - Reset state | |
| --- | |
| ## 12. Next Step (New Session) | |
| In the new session: | |
| 1. Implement **DNS changer NON-VPN** | |
| 2. Implement **wakelock + network request** | |
| 3. GPS lock refinement | |
| 4. Memory pressure monitoring | |
| 5. UI ON A / ON B logic | |
| 🚫 Do not touch packets / TCP / VPN again | |
| --- | |
| ## Final Truth (No Sugarcoat) | |
| ❌ VPN sniff + forward = dead end | |
| ❌ tun2socks is not the tool for this case | |
| ✅ Network conditioning + stability = the real way forward | |
| This is not hacking. | |
| This is **understanding telco + Android behavior**. | |
| — End of R&D — |