Several weaknesses were discovered in the V2Ray recently, which could be used to identify V2Ray clients or servers that run VMess, TLS or HTTP protocol. Below is our summary and understanding on these weaknesses. In general, these weaknesses fall into three categories: Inappropriate authentications in VMess, making the servers vulnerable to replay attacks. Hardcoded unique ciphersuites, leading to the rarely-seen fingerprints of the TLS ClientHello messages. Failed attempt to parrot/mimic the...
