Authors: Sakamoto (Shinonome Lab), Elson Wedwards
Year: 2024
Issue: 1
Pages: 13–21
Abstract: In-depth observations of the Great Firewall of China (GFW) are challenging because it is an on-path black box, especially with limited outbound packets that seldom reveal its internals. In this paper, we had a rare opportunity to exfiltrate parts of the GFW's memory from its packet injectors with malformed DNS requests by reviving a vintage vulnerability. Through analysis, we found it contained Internet traffic going across China’s borders and stack frames of the packet-handling processes of the GFW. With this insight, we evaluated the encapsulated sensitive information and inferred characteristics of the GFW’s processes. Moreover, we studied the feasibility of several attacks resulting from this vulnerability, including off-path attacks and reflective amplification attacks. We further discuss this novel attack surface and potential threats caused by such defective censors.
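The abstract describes memory leaked through responses to malformed DNS requests. The paper's own method and packet formats are not reproduced here; the following is an added example, not code from the paper, showing the basic check a practitioner would run on a captured DNS reply before treating it as a leak candidate: parse the header, question and resource-record sections per RFC 1035 and report any bytes that follow the last record. The sample packet is constructed inline; `build_response` and `dns_trailing_bytes` are names chosen for this example.

```python
import struct


def _skip_name(buf: bytes, off: int) -> int:
    """Return the offset just past a DNS name starting at `off`.

    Handles plain label sequences and compression pointers (a pointer
    terminates the name, so it is not followed)."""
    while True:
        if off >= len(buf):
            raise ValueError("truncated name")
        length = buf[off]
        if length == 0:            # root label, end of name
            return off + 1
        if length & 0xC0 == 0xC0:  # 2-byte compression pointer ends the name
            if off + 2 > len(buf):
                raise ValueError("truncated pointer")
            return off + 2
        off += 1 + length


def dns_trailing_bytes(pkt: bytes) -> bytes:
    """Parse a DNS message and return whatever follows its last record.

    A well-formed reply yields b''. Non-empty output means the responder
    appended data the header does not account for, which is what an
    analyst would inspect further."""
    if len(pkt) < 12:
        raise ValueError("short DNS header")
    _id, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", pkt[:12])
    off = 12
    for _ in range(qd):                 # question: QNAME, QTYPE, QCLASS
        off = _skip_name(pkt, off)
        off += 4
    for _ in range(an + ns + ar):       # RR: NAME, TYPE, CLASS, TTL, RDLENGTH, RDATA
        off = _skip_name(pkt, off)
        if off + 10 > len(pkt):
            raise ValueError("truncated resource record")
        rdlen = struct.unpack("!H", pkt[off + 8:off + 10])[0]
        off += 10 + rdlen
    if off > len(pkt):
        raise ValueError("RDLENGTH runs past end of packet")
    return pkt[off:]


def build_response(qname: str, ip: str, extra: bytes = b"") -> bytes:
    """Construct a minimal A-record reply (constructed sample, not captured
    traffic); `extra` simulates bytes appended after the last record."""
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    question = name + struct.pack("!HH", 1, 1)           # QTYPE=A, QCLASS=IN
    answer = (b"\xc0\x0c"                                # pointer to QNAME at offset 12
              + struct.pack("!HHIH", 1, 1, 60, 4)        # A, IN, TTL 60, RDLENGTH 4
              + bytes(int(x) for x in ip.split(".")))
    return header + question + answer + extra


if __name__ == "__main__":
    clean = build_response("example.com", "93.184.216.34")
    suspect = build_response("example.com", "93.184.216.34", extra=b"\xde\xad\xbe\xef")
    print("clean trailing bytes:", dns_trailing_bytes(clean))
    print("suspect trailing bytes:", dns_trailing_bytes(suspect))
```

The parser only delimits the message; it makes no claim about what appended bytes contain. Run it over replies captured from a vantage point where an injector is known to respond, and keep only those where the function returns something non-empty (or raises on an inconsistent RDLENGTH) for manual inspection.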
Copyright in FOCI articles is held by their authors. This article is published under a Creative Commons Attribution 4.0 license.