Your Censor is My Censor: Weaponizing Censorship Infrastructure for Availability Attacks

Repository for scripts for the WOOT 2021 paper: "Your Censor is My Censor: Weaponizing Censorship Infrastructure for Availability Attacks" for Artifact Evaluation. 

Paper Abstract: Nationwide Internet censorship threatens free and open access to communication and information for millions of users living inside of censoring regimes. In this paper, we show that this poses an even greater threat to the Internet than previously understood. We demonstrate an attack that exploits a little-studied but widespread feature of many censoring infrastructures: what we call residual censorship, in which a censor continues blocking traffic between two end-hosts for some time after a censorship event. Our attack sends spoofed packets with censored content, keeping two victim end-hosts separated by a censor from being able to communicate with one another.

Although conceptually simple, this attack has several challenges, which we address. We demonstrate the feasibility of the attack through two studies: one to capture the current state of residual censorship, and another to actually launch the attack (against machines we control). We show that the attack can be launched despite stateful TCP tracking used by many censors, and that it also works against those who censor by null-routing. Our code is publicly available.