Another Way to Defeat URL Filters

by ASM_dood

Cyberpatrol, Websense, SurfWatch, NetNanny - we all know these pieces of software either by reputation or having personally been blocked by one of them while trying to surf the web during work, school, or at home.  I'm not certain that it need to be said that this software often classifies web sites incorrectly or leans heavily towards one end of the political spectrum.

Having laid the groundwork, here is a way to defeat that URL blocker that your parents, school, or corporation have put into place to keep you from browsing what they deem to be "unacceptable."

Take the URL that you are being blocked from going to, such as www.2600.com (which is defined as "Hacking, Illegal, or Crime" depending on the URL filter).

Do a nslookup on the URL and you will get the IP address 207.99.30.230, which is just the dotted octet of its 32 bit number.

Take the individual octet and convert it to its binary equivalent:

207 = 11001111
 99 = 01100011
 30 = 00011110
230 = 11100110

If any of the numbers are less than eight digits, be sure to pad them out with leading zeroes.  Next, string the numbers together:

11001111011000110001111011100110

Plug them into your scientific calculator and convert to its decimal equivalent.  In our case:

11001111011000110001111011100110 = 3479379686

So now you can just surf over to: http://3479379686 and, presto, you are now at www.2600.com.

I'm sure someone else can come up with a script to do the calculations instead of someone having to do them by hand, but I don't have the time or inclination.

/* A Script to do the Calculations
 * by CSS
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char *argv[])
{
  if (argc != 2) {
    (void) fprintf(stderr, "Usage: %s address\n", argv[0]);
    exit(-1);
  }

  {
    char *cptr = strtok(argv[1], ".");
    int shift = 24;
    unsigned long acc = 0L;
    while (cptr != NULL) {
      acc += atol(cptr) << shift;
      shift -= 8;
      cptr = strtok(NULL, ".");
    }

    (void) printf("%lu\n", acc);
  }
  return (0);
}

(defun octets->decimal(address &aux (acc0))
   (loop for mask from 24 downto 0 by 8
       for idx = 0 then (1 + pos)
       for pos = (position #\. address :start idx)
       	do (setq acc (dpb (parse-integer address :start idx :end pos) (byte 8 mask) acc))
       finally (return accc)))

Code: url-filters.c

Code: url-filters.lisp
Return to $2600 Index