Technical Assistant Attachment Programme » Blog Archive » Love hate relationship with APIIT firewall

Technical Assistant Attachment Programme » read post

Love hate relationship with APIIT firewall

September 18th, 2007

I have always been fascinated with APIIT’s firewall. The same kind of interest you give your first Tamagotchi or Transformers toy. Like how it works and what it hides from you.

On one end I like how it blocks games from being run and videos from being streamed by other students. What for letting them take away bandwidth that is rightfully mine! On the other hand, I can’t use free bandwidth to stream too! WTH?!

So I tried to find loopholes and backdoor. I know there’s a staff segment but I can’t connect to that since I’m on a hardline and not in the correct domain. I also can’t simple use a VPN network cause my home pc is downloading nonstop too!
So after many attempts to ping, scan and infiltrate, I’d like to say.. I still don’t know how to trespass it.

Hau Cheong is breathing a sigh of relieve at this point.

Seems like he (dude above ^) got all the best YouTube, EXE’s, DIVX’s blocked nice and tight. However I have a reasoning that there are files like DOC or ZIP that he cannot simply block from AOCC or the general web. This would be my break.

So as part of my FYP, I did research on file compression and file download. Incorporating it into an online service which allows remote downloading and concurrent file compression (on the fly).

What it means is that I can specify a file and let my remote server download the file, then compressing it and pushing it back to the client to download.

HAHAHAHAHA

Also meant that since APIIT’s firewall allows ZIP file download, I can basically ask my server to download any files I want and stream it back to me in ZIP format.

Now normally I won’t post about my exploits here but I see no loophole. Even if HC were to block the ZIP files, I can use a drop down box to specify another extension. Maybe DOC, TXT, PPT (I don’t think he want to block all that). And when he decide to block based on file meta header, I can convert the file to Gzip, 7z, RAR, CAB… etc.. Yay!!!

Me 1; Firewall 0.

PS: Actually I only post this here to get your response on this and subsequently correct my FYP documentation Not going to tell you the server name and it runs on a dynamic IP address. Nothing a firewall can block. I just hope Google don’t cache this. Does our firewall block crawlers? Or next time I can fake myself as a crawler to go through the firewall.

Technical Solutions

Want your say?

You must be logged in to post a comment.

post navigation

search the diary

archives: September 2007

June 2006

categories: Announcements (1)

Articles (1)

Technical Solutions (1)