TL;DR VPN on 53/udp
I was spending a couple of weeks at my dad's house, in the middle of nowhere, before starting my internship: my last school holidays ever. Being lost in the outback means having a super-shitty internet connection. Here, it's powered by Nordnet, part of the Orange group: 40€ for 10Go; but fortunately you can get some more, for 15€ per Go, the maximum bandwidth being around 75ko/s. In France, you can get an unlimited (but throttled) data plan for your mobile for 20€; so this smells more like theft than an honest commercial deal.
Anyway, I was slacking on IRC when my ssh connection dropped, and so did every other established one.
$ curl dustri.org
<html>
<head>
<title>307 Temporary Redirect</title>
</head>
<body>
<h1>Temporary Redirect</h1>
<p>The document has moved <a href="http://http://sat-new.nordnet.fr/redirection">here</a>.</p>
</body>
</html>
Ok, some MITM (please notice the wrong url), to show me this page:
Time to try old tricks!
$ dig @22.214.171.124 test.dustri.org txt | grep Success
test.dustri.org. 86400 IN TXT "Success!"
Everything old is new again.
No lying DNS, time to fire iodine!
But since iodine is awfully slow (and broken, but I'm keeping this for another article ;) ), I tried to fire my VPN on 53/udp, since doing DPI instead of a lying DNS would be both idiotic and overkill; and … yes, it worked.
It seems that not only do they tell their poor ~~victims~~ consumers that internet equals web, but that they believe this themselves. Pretty awesome for an ISP.
Since I'm a cool guy, I wanted to contact their technical support before publishing this blogpost, but it seems that you need to call a surcharged phone line to get in touch with them.
So until they stumble upon this blogpost and figure out either how to set up a lying DNSd or how to have a proper firewall, this trick should still work. And if it doesn't, I'm quite sure that you can find the other ones by yourself ;)
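What the "proper firewall" option could look like on the portal side, as an added example (not code from this post or from the ISP): for a client whose quota is exhausted, allow 53/udp only towards the operator's own resolver and only when the payload parses as a standard DNS query. The resolver address, function names and sample packets are constructed assumptions.

```python
import struct

def is_plain_dns_query(payload: bytes) -> bool:
    """True if a UDP/53 payload parses as one well-formed standard DNS query."""
    if not 17 <= len(payload) <= 512:       # heuristic bounds: header + root + qtype/qclass
        return False
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", payload[:12])
    # QR, OPCODE and RCODE must be zero; exactly one question, no answers.
    if flags & 0xF80F or qd != 1 or an or ns or ar > 1:
        return False
    pos, name_len = 12, 0
    while True:                             # walk the QNAME labels
        if pos >= len(payload):
            return False
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63:                     # compression pointer or junk
            return False
        pos += length
        name_len += length + 1
        if name_len > 254:                  # 255 octets including the root label
            return False
    pos += 4                                # QTYPE + QCLASS
    if ar == 0:
        return pos == len(payload)          # no trailing bytes allowed
    # A single additional record is accepted only if it is an EDNS0 OPT (type 41).
    return len(payload) >= pos + 11 and payload[pos:pos + 3] == b"\x00\x00\x29"

def portal_verdict(dst_ip: str, payload: bytes, resolvers: set) -> str:
    """Decision for a UDP/53 packet from a client redirected to the portal."""
    if dst_ip not in resolvers:
        return "drop: port 53 to a host that is not our resolver"
    if not is_plain_dns_query(payload):
        return "drop: not DNS"
    return "allow"

# Constructed samples, not captures.
RESOLVER = "192.0.2.53"                     # hypothetical resolver (documentation range)
DNS_QUERY = (struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
             + b"\x04test\x06dustri\x03org\x00" + struct.pack("!2H", 16, 1))
OPAQUE = b"\x38" + bytes(range(1, 40))      # stand-in for a non-DNS tunnel packet

if __name__ == "__main__":
    for dst, pkt in [(RESOLVER, DNS_QUERY), ("198.51.100.7", DNS_QUERY), (RESOLVER, OPAQUE)]:
        print(dst, len(pkt), portal_verdict(dst, pkt, {RESOLVER}))
```

iodine sends well-formed queries through the resolver itself, so it passes both checks; that case is what the lying resolver is for.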