logo

blog

My website can't be that messy, right? git clone https://hacktivis.me/git/blog.git

La neutralitée du Net sur un wifi Orange™, deuxième mensonge.xhtml (7597B)


  1. <article xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="h-entry">
  2. <a class="u-url" href="/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge"><h1 class="p-name">La neutralitée du Net sur un wifi Orange™, deuxième mensonge</h1></a>
  3. <p>Vut que je n’ai pas de vraie connection internet chez moi autre qu’un forfait à 50MB de 4G, j’utilise le réseau de orange… qui en plus de bloquer l’envoit des courriels par un client classique(mutt, thunderbird, …) (j’ai un tunnel SSH pour ceci et je pense mettre mutt sur mon serveur) fait aussi de la merde sur des nom-de-domaine inexistant·e, c’est à dire me rediriger(merci chromium, firefox a une option pour contrer ça) vers http://instantfwding.com/?dn=cet.abruti.de.nom.de.domaine.com&amp;pid=7PO2UM87 Heuresement que j’ai uMatrix pour bloquer ces conneries. Sauf que ce n’est pas un comportement normal de mon réseau j’ai donc voulut voir ça de plus près.</p>
  4. <pre><code>$ <kbd>cat /etc/resolv.conf.head</kbd>
  5. <samp>nameserver 127.0.0.1
  6. nameserver 80.67.169.12
  7. nameserver 80.67.169.40
  8. domain hacktivis.me
  9. search hacktivis.me
  10. </samp>$ <kbd>cat /etc/resolv.conf</kbd>
  11. <samp># Generated by dhcpcd from wlp0s22f2u3.dhcp
  12. nameserver 127.0.0.1
  13. nameserver 80.67.169.12
  14. nameserver 80.67.169.40
  15. domain hacktivis.me
  16. search hacktivis.me
  17. domain orange-hotspot.com
  18. nameserver 80.10.46.232
  19. # /etc/resolv.conf.tail can replace this line
  20. </samp>$ <kbd>dig nxdomain.tld</kbd>
  21. <samp>; &lt;&lt;&gt;&gt; DiG 9.10.3-P2 &lt;&lt;&gt;&gt; nxdomain.tld
  22. ;; global options: +cmd
  23. ;; Got answer:
  24. ;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NXDOMAIN, id: 27819
  25. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  26. ;; OPT PSEUDOSECTION:
  27. ; EDNS: version: 0, flags:; udp: 4096
  28. ;; QUESTION SECTION:
  29. ;nxdomain.tld. IN A
  30. ;; AUTHORITY SECTION:
  31. . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2016100900 1800 900 604800 86400
  32. ;; Query time: 47 msec
  33. ;; SERVER: 80.67.169.12#53(80.67.169.12)
  34. ;; WHEN: Sun Oct 09 16:34:01 CEST 2016
  35. ;; MSG SIZE rcvd: 116
  36. </samp>$ <kbd>dig nxdomain.tld @80.10.46.232</kbd>
  37. <samp>; &lt;&lt;&gt;&gt; DiG 9.10.3-P2 &lt;&lt;&gt;&gt; nxdomain.tld @80.10.46.232
  38. ;; global options: +cmd
  39. ;; Got answer:
  40. ;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 26873
  41. ;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
  42. ;; QUESTION SECTION:
  43. ;nxdomain.tld. IN A
  44. ;; ANSWER SECTION:
  45. nxdomain.tld. 3600 IN A 10.10.10.10
  46. ;; Query time: 43 msec
  47. ;; SERVER: 80.10.46.232#53(80.10.46.232)
  48. ;; WHEN: Sun Oct 09 16:36:26 CEST 2016
  49. ;; MSG SIZE rcvd: 58
  50. </samp></code></pre>
  51. On commence déjà à avoir du DNS menteur, mais n’oubliont pas <code>domain orange-hotspot.com</code> (J’ai modifié ma config dhcpcd juste après avoir rédigé·e ce billet)
  52. <pre><code>$ <kbd>dig nxdomain.tld.orange-hotspot.com</kbd>
  53. <samp>; &lt;&lt;&gt;&gt; DiG 9.10.3-P2 &lt;&lt;&gt;&gt; nxdomain.tld.orange-hotspot.com
  54. ;; global options: +cmd
  55. ;; Got answer:
  56. ;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 54935
  57. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
  58. ;; OPT PSEUDOSECTION:
  59. ; EDNS: version: 0, flags:; udp: 4096
  60. ;; QUESTION SECTION:
  61. ;nxdomain.tld.orange-hotspot.com. IN A
  62. ;; ANSWER SECTION:
  63. nxdomain.tld.orange-hotspot.com. 3600 IN A 103.224.212.222
  64. ;; AUTHORITY SECTION:
  65. orange-hotspot.com. 171919 IN NS ns16.above.com.
  66. orange-hotspot.com. 171919 IN NS ns15.above.com.
  67. ;; ADDITIONAL SECTION:
  68. ns15.above.com. 171919 IN A 103.224.182.5
  69. ns15.above.com. 171919 IN A 103.224.212.5
  70. ns16.above.com. 171919 IN A 103.224.212.6
  71. ns16.above.com. 171919 IN A 103.224.182.6
  72. ;; Query time: 180 msec
  73. ;; SERVER: 127.0.0.1#53(127.0.0.1)
  74. ;; WHEN: Sun Oct 09 16:39:12 CEST 2016
  75. ;; MSG SIZE rcvd: 184
  76. </samp></code></pre>
  77. <p>Bon génial, on à deux addresses… je me suis dit que un nmap pourrait être sympa, aller hop zou !</p>
  78. <pre><code>$ <kbd>nmap -A 10.10.10.10</kbd>
  79. <samp>Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2016-10-09 16:42 CEST
  80. Nmap scan report for 10.10.10.10
  81. Host is up (0.044s latency).
  82. Not shown: 999 filtered ports
  83. PORT STATE SERVICE VERSION
  84. 80/tcp closed http
  85. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  86. Nmap done: 1 IP address (1 host up) scanned in 12.40 seconds
  87. </samp>$ <kbd>nmap -A 103.224.212.222</kbd>
  88. <samp>Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2016-10-09 16:43 CEST
  89. Nmap scan report for lb-212-222.above.com (103.224.212.222)
  90. Host is up (0.20s latency).
  91. Not shown: 998 closed ports
  92. PORT STATE SERVICE VERSION
  93. 25/tcp open smtp
  94. |_smtp-commands: SMTP EHLO lb-212-222.above.com: failed to receive data: connection closed
  95. |_smtp-ntlm-info: ERROR: Script execution failed (use -d to debug)
  96. 80/tcp open http Apache httpd (PHP/5.4.45-0+deb7u5)
  97. | http-robots.txt: 5 disallowed entries
  98. | /cpx.php /medios1.php /toolbar.php /check_image.php
  99. |_/check_popunder.php
  100. |_http-server-header: Apache
  101. |_http-title: Did not follow redirect to http://www.qfind.net?_inv
  102. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
  103. SF-Port25-TCP:V=7.25BETA1%I=7%D=10/9%Time=57FA57A5%P=x86_64-pc-linux-gnu%r
  104. SF:(NULL,25,"220\x20mwinf5d62\x20ME\x20ESMTP\x20server\x20ready\r\n")%r(He
  105. SF:llo,46,"220\x20mwinf5d62\x20ME\x20ESMTP\x20server\x20ready\r\n501\x20EH
  106. SF:LO\x20requires\x20valid\x20address\r\n");
  107. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  108. Nmap done: 1 IP address (1 host up) scanned in 36.60 seconds
  109. </samp></code></pre>
  110. Et un HTTP… voyons voir si c’est celui qui ment.
  111. <pre><code>$ <kbd>curl -v -H 'Host: nxdomain.tld' 103.224.212.222</kbd>
  112. <samp>* Rebuilt URL to: 103.224.212.222/
  113. * Trying 103.224.212.222...
  114. % Total % Received % Xferd Average Speed Time Time Time Current
  115. Dload Upload Total Spent Left Speed
  116. 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 103.224.212.222 (103.224.212.222) port 80 (#0)
  117. &gt; GET / HTTP/1.1
  118. &gt; Host: nxdomain.tld
  119. &gt; User-Agent: curl/7.50.1
  120. &gt; Accept: */*
  121. &gt;
  122. &lt; HTTP/1.1 200 OK
  123. &lt; Date: Sun, 09 Oct 2016 14:45:05 GMT
  124. &lt; Server: Apache
  125. &lt; X-Powered-By: PHP/5.4.45-0+deb7u5
  126. &lt; Content-Length: 371
  127. &lt; Connection: close
  128. &lt; Content-Type: text/html; charset=UTF-8
  129. &lt;
  130. { [371 bytes data]
  131. 100 371 100 371 0 0 866 0 --:--:-- --:--:-- --:--:-- 868
  132. * Closing connection 0
  133. &lt;html&gt;
  134. &lt;head&gt;
  135. &lt;title&gt;nxdomain.tld&lt;/title&gt;
  136. &lt;/head&gt;
  137. &lt;frameset rows="100%,*" frameborder="no" border="0" framespacing="0"&gt;
  138. &lt;frame src="http://instantfwding.com/?dn=nxdomain.tld&amp;pid=7PO2UM885"&gt;
  139. &lt;noframes&gt;
  140. &lt;body bgcolor="#ffffff" text="#000000"&gt;
  141. &lt;a href="http://instantfwding.com/?dn=nxdomain.tld&amp;pid=7PO2UM885"&gt;Click here to enter&lt;/a&gt;.
  142. &lt;/body&gt;
  143. &lt;/noframes&gt;
  144. &lt;/frameset&gt;
  145. &lt;/html&gt;
  146. </samp></code></pre>
  147. <p>Trouvé !<br />
  148. Si vous avez encore des personnes qui ne vous croient pas sur une connection non-neutre, mettez-les sur un wifi orange semi-public y’aurat des trucs pas habituels :P</p>
  149. <p>Ah et orange à l’air d’utiliser une bonne grosse masse de Debian(cf. le deb dans la version du Serveur apache menteur ainsi que pour PHP) donc ouais <a href="https://davenull.tuxfamily.org/linux-livebox/">le libre ça marche pas avec orange™</a></p>
  150. </article>