Jump to content

Bypassing Internet Censorship

1veedo

By 1veedo
in Computer Science

 Share

Recommended Posts

1veedo

1veedo

Posted
Posted

I have written a php/html script that will (maybe) allow you to bypass internet censorship at work, school, library, etc. I do not know if if works or not but bassicly it oppens the site in a frame at my site.

 

However, I just realized that censorship programs might be able to track the URL of where the frame is at?

 

So I'm working on something new that will completely send a site through mine w/o a frame but I cannot make images and apps show up on the page; jsut the raw html of a requested page. Another problem is that links would have to go through framed.php and I do not want the url tagging the end of it.

 

This ultimately results in two diferent methods to accomplish the goal; Just fram the blocked site, or load the blocked site transfering the data to the user.

 

The anticensorship program is at my site. The first (just framed version) is here(nothing big):

//Framed.php

 <?php $site=$_POST['site']; 

 $data = fopen('f'.$_SERVER['REMOTE_ADDR'], 'w');
 fwrite($data, $site); ?>
     <script LANGUAGE="JAVASCRIPT">
   <!C-
   if (top.frames.length!=0)
   </script>


 <FRAMESET rows="99, 10">
       <FRAME src="<?php echo $site; ?>">
<FRAME src="http://1veedo.homelinux.com/f1.php" SCROLLING="no">
     </FRAMESET>

//f1.php
<?php $site = implode('', file('f'.$_SERVER['REMOTE_ADDR']));
?>

<form action="http://1veedo.homelinux.com/framed.php" method="post" TARGET="_top"><center><input name="site" size=99 value="<?php echo $site; ?>"><input type=submit value="Go">      <font size="-1"><a href="<?php echo $site; ?>" target="_top">Unframe This Site</a>              
<strong><a href="http://1veedo.homelinux.com/" TARGET="_top">1veedo</a></strong></font></center></form>

The alternate version of this; my attempt to load everything and send data directally from a censored site to me to the user looks like this:

//Altered framed.php

<FRAMESET rows="99, 10">
       <FRAME src="f2.php?s=<?php echo $site; ?>">

//f2.php
<?php
$page = implode('', file($_GET['s']));
$x = 0;
$page .= '~!';
$site = '';
while($page{$x} != '~' && $page{$x + 1} != '!')
{
if($page{$x} == 's' && $page{$x+1} == 'r' && $page{$x+2} == 'c'){
	if($page{$x+3} == '=' && $page{$x+4} == '"'}
		{
			$x += 5;
			$l = $_GET['s'];
			if($page{$x} == 'h' $$ $page{$x} == 't')
					$x += 6;
			while {$page($x) != '"')
			{
				$l .= $page{$x};
				$x++;
			}
			$site .= $l;

		}}
		$site .= $page;

$x++;
}
echo $site;
?>

Note that as it is, the second way does not work at all. This is the very basic idea though

<?php
$page = implode('', file($_GET['s']));
//Alter page...$site = $page[modified]
//echo $site
echo $page?>

The last one will get the html of a requested site displayed though images etc do not show up.

 

I may be able to forget about the second method if the current one actually works.

 

...Anybody want to help?

Link to comment
Share on other sites
Silencer

Silencer

Posted
Posted

This is some really good work. I support anything that underminds censorship and gives people (especially youth) more freedom on the internet. (Note: this isn't sarcasm at all).

 

If you give me the link to your site I will try it out at school.

 

Also, the success depends on the filtering being done. Some places just use a proxy and blacklist, so if someone tries to access a blacklisted site it tells them to piss off. Others have content filters, which will search the actual text for "inappropriate" things and block accordingly. I think your script is most likely to work with the former method (which I believe my school uses).

Link to comment
Share on other sites
5614

5614

Posted
Posted
However, I just realized that censorship programs might be able to track the URL of where the frame is at?

Yeah they can, I've seen a webpage where some frames are blocked and some aren't.

 

Other than that, sorry, can't help.

Link to comment
Share on other sites
Dave

Dave

Posted
Posted

Your web browser will send individual http requests for each of the pages, so this won't help a lot. A better approach is to get the php script to access the page using something like get_file_contents() and then echo the output to screen. This is assuming, of course, that they aren't using content-based filters.

Link to comment
Share on other sites
Dak

Dak

Posted
Posted

am i right in thinking that this allows people to 'bounce' their interactions with a site off of your site?

 

two questions: will your site not just get blacklisted the second that someone at, for example a school, gets cought using it?

 

and what if someone uses it to access paedophillia or bestiality? will it not look like it was your computer that acessed the site ie you will get into trouble for it?

Link to comment
Share on other sites
Silencer

Silencer

Posted
Posted

Simply using a proxy will give you anonymity, but it won't trump a filtering proxy.

 

You need a site that isn't blacklisted by that proxy yet can gives you dynamic content from other sites.

 

If I were doing this in Perl I would use a module to get the page source from the site the person wants to view. Then I would parse it for img and href tags and modify those appropriately (so that images display. Like, if the src="image/pic.gif" then your script needs to modify it to src="http://domain.com/image/pic.gif"). Then I would have that parsed source code displayed to the client.

 

In other words, fight proxies with proxies. Another cool option might be a content filter. What you can do is replace bad words with things that we will understand but the proxy won't ($hit, @ss, cun7, etc). That should help get around a lot of content filters too.

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted
Yeah they can, I've seen a webpage where some frames are blocked and some aren't.
Ok, that's what I was wondering. Looks like I need to go the other (harder) way:
A better approach is to get the php script to access the page using something like get_file_contents() and then echo the output to screen.
I'm using implode(''' date=' file($_GET['s''])). The way I'm goign to do this is send .php?s= to a site w/i a frame. This way pesky admin wont be able to poke in your history and find where you went. Same goes w/ title; I am not goign to have a title like the two services I have linked to at my site. The only problem is in-site links. If I make everythign ina frame I can have the main source check to see if it's framed (I'll find a way, trust me) and react accordingly...this way the sites you went to would be behind the frame.
Simply using a proxy will give you anonymity' date=' but it won't trump a filtering proxy.

 

If I were doing this in Perl I would use a module to get the page source from the site the person wants to view. Then I would parse it for img and href tags and modify those appropriately (so that images display. Like, if the src="image/pic.gif" then your script needs to modify it to src="http://domain.com/image/pic.gif"). Then I would have that parsed source code displayed to the client.[/quote']Lol, I'm goign to be using TOR over port 81. So all requests made by my computer for this service will be remotely anonymous.

 

But yeah, this is what I'm trying to do. The complete script is going to look something like this:

$page = implode('', file($_GET['s']);
for($x = 0; $x <= strlen($page); $x++)
{

conditions for img
{

}
else href
{

}
else
echo $page{$x}
etc

if </body>
place "navigation bar"
}

This is actually extreamly easy. I dont know if any of you used to use my aimprofile thing (probably not; almost all my users were female) but I have an easy method to skim through a string and check for certain things like this.

 

The one thing that was always a pain was the check itself though:

Normally I do something like

$page{$x} == '<' && $page{$x + 1} == 'a'.......

 

And this takes a long time to do.

 

Is there a PHP function that will do something like:

function($string, start, end) == '<img'

 

This way I could check like

if(function($page, $x, $x + 4) == '<img')
{
while($page{$x} != '>')
{
	if(function($page, $x, $x + 5) == 'src =')
		my_function_for_getting_url
	elseif(function($page, $x, $x + 4) == 'src=') //check for src=" w/ and w/o the space
		my_function_for_getting_url
	else
		echo $page{$x};
	$x++;
}

............
trim strlen($s) from begining of link
echo src=link
...........
}

Anyway, I need you to think of every "object" used online:

a, img, etc

 

I dont do a lot of fancy things for my site because I only have 256 up. I used to have a mostly flash bassed site but I never physically coded in the objects; flash mx gave me html to add...

 

And the other thing I need is a way to check a string between two points with a specified string. Maybe somebody here has made sometyhing like that. Maybe there's an actual php function?

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted

Yes, there will be a way to get images. I think I have "links" figured out...but for some reason my site wont brows yahoo. They do some wierd things w/ CSS and javascript.

 

Displaying images is queued next. I'll be owrking on that and (hopefully) finished by the end of today. It would be sooner but I have other stuff to do.

 

For images, the script is going to somehow create synbolic links through my www root :eek: Yes, that's the only way I can think of doing it! Except for the slower download image and place it in folder w/ links to then...

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted

Ok, I give up. It works, technically, but I can just go through every possible http call. When I tried a couple random sites w/ it, I didnt get the friendly gray and red screen, but I got a forbidden message to the first call on an image that was not broken (ie, http://site.com/whjatever instead of /whatever).

 

But I found another project like this and have it hosted :) Feel free to use it.

Link to comment
Share on other sites
Macroscopic

Macroscopic

Posted
Posted
This is some really good work. I support anything that underminds censorship and gives people (especially youth) more freedom on the internet. (Note: this isn't sarcasm at all).

If you give me the link to your site I will try it out at school.

I will too. My school has this site blocked.

Link to comment
Share on other sites
  • 2 weeks later...
Guest Kenty--LFC--

Guest Kenty--LFC--

Posted
Posted
am i right in thinking that this allows people to 'bounce' their interactions with a site off of your site?

 

two questions: will your site not just get blacklisted the second that someone at' date=' for example a school, gets cought using it?

 

and what if someone uses it to access paedophillia or bestiality? will it not look like it was your computer that acessed the site ie you will get into trouble for it?[/quote']

 

this is a realy good point and i would like 2 no if i can help but u wud have 2 give me help with computer code

Link to comment
Share on other sites
Dave

Dave

Posted
Posted

My suggestion for your links and images (if you're still working on it) is to use preg_replace. You need to learn regexps for this thing - they're extremely quick, and extremely powerful.

 

I'm afraid I'm not very good at them, but I could probably give you some hints (maybe).

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted

It works in getting html and linking back to itself but everything else is much harder. I might take it up again when I (perhaps) know a little more about PHP. Right now I'm just hosting this thing I found called PHProxy. It uses that preg_replace mentioned...from what I can tell ti literaly takes the headers, data, puts them back together, and echos the results. Instead of my method of takign the data (and indeed not the headers) and scanign through the html for links, images, etc. The way PHProxy works even allows files to be transfered (from what I can tell at 568 bits a time?).

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted

The script above will use cookies; it actually has a cookie manager because they're not stored on the client's computer. I think it has a problem w/ shockwave, though.

 

And proxies / firewalls will block the actual IP, not the URL* (if you were a good "hacker" you'd know this)

 

The best way would be to memorize a proxy server (w/ good uptime and speed) and use that anytime you want to get around censorship.

 

*Actually, there are some programs that block just the URL. This is the time when you install Firefox on a pen drive because it's actually IE and not an external censorship program that's blockign things. I was trying to make a scriopt for actual internet censorship, not add-on filters like your dad might use.

 

Btw guys, I just went to ubuntu and for some reason my site is really slow. I think it might be because of my built in firewall (the one actually part of the kernel; I need to find a config file for iptables or something). I'll try to fix it as soon as I can.

Link to comment
Share on other sites
higezzzz

higezzzz

Posted
Posted
The script above will use cookies; it actually has a cookie manager because they're not stored on the client's computer. I think it has a problem w/ shockwave' date=' though.

 

And proxies / firewalls will block the actual IP, not the URL* (if you were a good "hacker" you'd know this)

 

The best way would be to memorize a proxy server (w/ good uptime and speed) and use that anytime you want to get around censorship.

 

*Actually, there are some programs that block just the URL. This is the time when you install Firefox on a pen drive because it's actually IE and not an external censorship program that's blockign things. I was trying to make a scriopt for actual internet censorship, not add-on filters like your dad might use.

 

Btw guys, I just went to ubuntu and for some reason my site is really slow. I think it might be because of my built in firewall (the one actually part of the kernel; I need to find a config file for iptables or something). I'll try to fix it as soon as I can.[/quote']

 

No a firewall will not block ip's! a firewall disallowes incoming connections. As for the url checker programs. Use googles translator to bypass that. Or the i.p because the url check will dissallow the Url.

 

And proxies / firewalls will block the actual IP, not the URL* (if you were a good "hacker" you'd know this)

 

Proxies dont block url's! neither do Firewalls! thats impossible. a proxie is a fake i.p chain that leads to another source. not a freaking blocker.

Link to comment
Share on other sites
Dave

Dave

Posted
Posted
Proxies dont block url's!

 

Yes they do - the http kind, anyway. In fact, that's what they're used for quite a lot of the time.

 

Say that, for some retarded reason, I don't want to allow any users on my network to access the web without going through a proxy. This is fairly simple to accomplish with the proper router settings.

 

Additionally, the proxy may scan the web pages that pass through it for words that it doesn't like or block the particular URL in question. This is a common approach for many businesses who don't want their employees surfing the web for miscellaneous things whilst they're working.

Link to comment
Share on other sites
1veedo

1veedo

Posted
  • Author
Posted
No a firewall will not block ip's! a firewall disallowes incoming connections.
Isn't that the same thing? If a firewall sees an IP that's on the blocklist it wont let it connect. I'm not talking about filtering or protecting ports, I'm refering to the kind of firewall used to censor content on the web. It'll check the source address against a list of IPs and if it finds it then the host won't be able to connect.
Proxies dont block url's! neither do Firewalls! thats impossible. a proxie is a fake i.p chain that leads to another source. not a freaking blocker.
Proxies are actually used instead of firewalls for some (mostly larger) networks. It does basically the same thing except, as dave pointed out, HTTP will censor URLs as well.
Link to comment
Share on other sites
5614

5614

Posted
Posted

At the end of the day it depends on the individual program... I've seen all the types mentioned above in action, IP blocking, URL blocking, indiviudal word or phrase blocking.

 

Incidentally with the basic URL ones, say if http://www.google.com was blocked, sometimes http://www.google.com would work -- I remember when we had one of these basic URL blockers, so http://www.freearcade.com would be blocked, so we just visited http://www.freearcade.com and we could play for weeks until someone thought: "wtf!?!?!" and fixed it!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.