Is the "Great Cannon" available?

apernet / OpenGFW

OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux

https://gfw.dev/

Mozilla Public License 2.0

9.31k stars 703 forks source link

Is the "Great Cannon" available? #95

Open xplshn opened 4 months ago

xplshn commented 4 months ago

The Great Cannon is supposed to be when China's GFW inserts Javascript into every request and can weaponize every web browser and device connected to the internet as a DDOS botnet.

tobyxdd commented 4 months ago

Not currently supported, and I don't think it's even possible for the real GFW anymore. With HTTPS as the default and mandatory you can no longer transparently hijack a connection.

xplshn commented 4 months ago

Since they intervened all phones, they currently just need to force companies to add a certificate and that's it, far as the people know, the connection is "safe". I think MITMPROXY can be used as reference on how to implement this