技术控

    今日:123| 主题:49488
收藏本版 (1)
最新软件应用技术尽在掌握

[其他] Studying the Internet Censorship in South Korea

[复制链接]
难拥友 发表于 2016-10-17 20:09:42
157 5

立即注册CoLaBug.com会员,免费获得投稿人的专业资料,享用更多功能,玩转个人品牌!

您需要 登录 才可以下载或查看,没有帐号?立即注册

x
TL;DR: Please go directly to theto discover how (in)effective the censorship of Internet in South Korea is. This blogpost can be served for you to remind how HTTP requests work.
  Table of contents

   1. First contact with the censorship system
   2. Locating the censorship system in the networks
   3. Inner work of the censorship system
   3.1. Different answers provided by censorship systems
   3.1.1. Direct HTML as an answer
   3.1.2. Direct HTML as an answer (censorship system A)
   3.1.3. 302 Temporary redirect (censorship system B)
   3.3. Let's debug the censorship system - From HTTP/0.9 to HTTP/1.1
   3.5 More tricky requests with HTTP
   3.5.2. HTTP requests methods
   3.5.3. Having fun with HTTP/1.1 persistent connection
   3.5.4. HTTP vs. HTTPS
   3.5.5. Random behaviors provided by the censorship system
   3.5.6. CDN for content (VOD/images)
   3.5.7. HTTP2 for http URIs
   3.5.9. HTTP2 for https URIs
   3.5.10. Readline vs. buffered HTTP requests
   4. Using HTTP proxies
   6. Bypassing the filter
   6.1. By using a different vhost (easy-PoC)
   6.2. By using HTTP persistent connection: HEAD then GET (PoC)
   6.3. By using HTTP persistent connection: GET then GET (PoC)
   6.4. By using \n instead of \r\n in the HTTP requests (unreliable method, PoC)
   6.5. By using HTTP invalid methods (PoC)
   6.6. By sending HTTP requests line by line (PoC)
   6.7. By using a method ONLY if there is a censorship
   6.9. By using HTTPS websites/proxies
   8. Credits and Greetings
   9. Personal note to http://www.warning.or.kr/ administrator
  0. Introduction

  As staying in South Korea, I was curious and wanted to know more about the censorship as stated in Wikipedia.
   Wikipedia: Censorship in South Korea :
  KCSC (Korea Communications Standards Commission) is responsible for online control and requires Korean citizens to enter government issued ID numbers in order to post political comments online. The KCSC has the right to suspend or delete any web posting or articles for 30 days as soon as a complaint is filed (to combat cyberbullying in South Korea). Every week, portions of the Korean web are taken down by the KCSC. In 2013, around 23,000 Korean webpages were deleted and another 63,000 blocked by the KCSC.
  Korean officials' rhetoric about censored material, including that it is "subversive", "illegal", "harmful" or related to "pornography and nudity", has been noted as similar to that of their Chinese counterparts. Critics also say that the government takes prohibitions on profanity as "a convenient excuse to silence critics" and chill speech.
  This designation persisted in 2012, where the report suggests South Korea's censorship is similar to those of Russia and Egypt.
  You may have seen the infamous message "This webpage is illegal" when you try to get into some websites. By the way, if you don't speak Korean, I wish you a good luck trying to copy/paste texts from an image and understand what is going on:
   
Studying the Internet Censorship in South Korea-1 (effective,Internet,contents,directly,discover)

   Wikipedia lists a short list of websites forbidden to visit in South Korea, but I used https://github.com/aredo/porn-site-list/blob/master/sites.json to get a list of potentially banned websites (a lot of them are actually blocked) in South Korea.
  As you see, quite a large number of websites are currently blocked. They include the websites that are considered containing "socially harmful" or subversive contents such as adult or gambling websites as well as political matters notably related to North Korea. Social medias are very much censored too (online comments are massively removed).
  This research excludes any politically sensitive items as this analysis is intended to be limited to a technical side and I am not making any political judgment. I am trying, from an external point of view, to evaluate the technical level of the current censorship system. Social medias are out of scope of this analysis.
  This study was done in September 2016 using 3 major ISPs: KT, SK Telecom (SKT) and LG U+.
  1. First contact with the censorship system

   We will use telnet to understand how the censorship system works.
   If you go on a censored website, you will see this webpage:

Studying the Internet Censorship in South Korea-2 (effective,Internet,contents,directly,discover)

  Let's dig:
  A standard (and very basic) HTTP request is:
  [code]GET / HTTP/1.1
Host: www.remote-server.com\r\n\r\n[/code]  Trying this on a censored website:
  [code][email protected]:~$ telnet xhamster.com 80
Trying 88.208.29.24...
Connected to www.xhamster.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: xhamster.com

HTTP/1.0 302 Redirect
Location: http://www.warning.or.kr
[email protected]:~$[/code]   By changing the Host value to a banned website, it seems we can trigger the censorship system:
  [code][email protected]:~$ telnet xhamster.com 80
Trying 88.208.29.24...
Connected to www.xhamster.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: wutwut

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 01 Oct 2016 00:00:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://xhamster.com/
[email protected]:~$[/code]   This request seems to work and the Nginx server from xhamster.com will reply to us. So, at least, the censorship system is analyzing the Host header in the HTTP request.
  2. Locating the censorship system in the networks

   We will use wget to customize the request in order to understand where is the filtering process.
   We ask the Google.ru webpage (note: I made a configuration to ensure www.google.ru resolves to a Google server not located in South Korea. 216.58.214.131 is located in Europe).
  I, then, will use Google servers located in South Korea to see if the censorship is really analyzing every Host header on every HTTP connection or only targeting a few IPs.
  We will eventually determine where this censorship system is located.
  We are doing a name resolution to get a Google server outside South Korea:
  [code][email protected]:~$ host google.ru 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

google.ru has address 216.58.197.227
google.ru has IPv6 address 2404:6800:4005:802::2003
google.ru mail is handled by 50 alt4.aspmx.l.google.com.
google.ru mail is handled by 30 alt2.aspmx.l.google.com.
google.ru mail is handled by 20 alt1.aspmx.l.google.com.
google.ru mail is handled by 10 aspmx.l.google.com.
google.ru mail is handled by 40 alt3.aspmx.l.google.com.
[email protected]:~$
[email protected]:~$  traceroute -n 216.58.197.227
traceroute to 216.58.197.227 (216.58.197.227), 30 hops max, 60 byte packets
1  100.114.55.252  3.915 ms  4.052 ms  4.495 ms
2  100.114.27.169  4.503 ms  4.498 ms  4.495 ms
3  1.255.24.48  4.806 ms  5.027 ms  5.026 ms
4  61.98.54.109  5.380 ms  5.376 ms  5.372 ms
5  58.229.4.16  7.384 ms 58.229.4.12  13.247 ms 58.229.4.8  10.801 ms
6  118.221.7.46  9.586 ms  5.669 ms  5.596 ms
7  39.115.132.69  5.062 ms 58.229.15.213  5.038 ms 39.115.132.69  5.030 ms
8  72.14.216.77  41.280 ms 72.14.215.199  38.651 ms  38.296 ms
9  216.239.54.1  39.183 ms  39.033 ms 209.85.142.95  38.461 ms
10  209.85.142.185  43.401 ms 216.239.40.11  43.397 ms 209.85.142.185  40.657 ms
11  72.14.238.35  64.533 ms 216.58.197.227  36.478 ms  37.243 ms
[email protected]:~$[/code]  Google.ru resolves to a foreign IP which is far away.
  Ok let's debug:
  [code][email protected]:~$ wget -O- http://www.google.ru/ | grep -ai google|head -n 1
--2016-10-01 XX:XX:XX--  http://www.google.ru/
Resolving www.google.ru (www.google.ru)... 216.58.214.131, 2a00:1450:4001:813::2003
Connecting to www.google.ru (www.google.ru)|216.58.214.131|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'STDOUT'

Google 友荐云推荐




上一篇:Spring AOP完成一个简单的参数统一校验框架
下一篇:Check If Given Array Can be Arranged In Left or Right Positioned Array
酷辣虫提示酷辣虫禁止发表任何与中华人民共和国法律有抵触的内容!所有内容由用户发布,并不代表酷辣虫的观点,酷辣虫无法对用户发布内容真实性提供任何的保证,请自行验证并承担风险与后果。如您有版权、违规等问题,请通过"联系我们"或"违规举报"告知我们处理。

zyxin 发表于 2016-10-22 00:52:31
前排支持下
回复 支持 反对

使用道具 举报

之桃 发表于 2016-10-22 05:03:30
不错的~~! 感谢提供
回复 支持 反对

使用道具 举报

1281853691 发表于 2016-11-2 18:33:23
时间过的真快,一不留神我也抢了回沙发!
回复 支持 反对

使用道具 举报

杜季杨 发表于 2016-11-5 02:29:10
向楼主学习
回复 支持 反对

使用道具 举报

黄林 发表于 2016-11-21 15:06:35
你们城里人真会玩
回复 支持 反对

使用道具 举报

*滑动验证:
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 )|网站地图 酷辣虫

© 2001-2016 Comsenz Inc. Design: Dean. DiscuzFans.