我不宅,我只是不出門

Murmur of a technical dude

Bypass Websense, part 2

leave a comment »

It is very easy to modify a HTTP proxy server to adopt Websense bypass mechanise. Take Muffin for example, it is an open-source HTTP/HTTPS proxy server written in Java programming language. In src/org/doit/muffin/Request.java, write() method, the original code,

super.write(out)
if (data != null)
{
out.write(data);
out.flush();
}

Just have some modification,

ByteArray ba = super.toByteArray();
byte[] array = ba.getBytes();
out.write( array, 0, 1 ); out.flush();
out.write( array , 1, 1 ); out.flush();
out.write( array, 2, ba.length()-2); out.flush();
//super.write(out);
if (data != null)
{
out.write(data);
out.flush();
}

The new code will force HTTP request to become multiple segmented packets. For example, GET http://tw.yahoo.com HTTP/1.1 will become “G" in one packet, “E" in another packet, and T http://tw….. to the end of request will be in other packets. By this way, Websense will not able to get the FULL HTTP request packet. Therefore, Websense will not able to block you out.

廣告

Written by jclin

2006/10/30 於 9:58 下午

張貼於talk

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com Logo

您的留言將使用 WordPress.com 帳號。 登出 / 變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 / 變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 / 變更 )

Google+ photo

您的留言將使用 Google+ 帳號。 登出 / 變更 )

連結到 %s

%d 位部落客按了讚: