Skip to main content

Posts

Ways to bypass GFW as a foreigner in Mainland China

I'm surprised to find out there are very few tutorials for westerners living in Mainland China to bypass the Great Firewall built by CCP. Maybe you come to Mainland China due to multiple reasons, such as academic communication,work or live here. However, popular VPN providers like ExpressVPN,NordVPN and surfshark can't work very well here. The VPN traffic and socks5 proxy traffic has already been precisely detected and blocked by GFW for ages. Now, I will introduce some new techniques for you to bypass GFW: Consider using proxy servers running advanced proxy protocols such as Vmess,ShadowSocks and Trojan rather than VPN servers. These protocols are based on socks5 protocol which locates at the application layer of OSI model, and their performance are much greater than VPN protocols. You can buy those services from proxy providers("机场" in Chinese). They provide servers("节点" in Chinese) in multiple locations, even all over the world. Quality of service and loc
Post a Comment
Read more
Recent posts

SQL Injection Part 1 -- Principles and basics

 Introduction Recently I started to learn SQL injection, which is the first point ethical hackers should learn after learning the Computer Science basics such as Computer Network. I personally think it is a bit difficult for newbies to get started with SQL injection, and I don't dare to start when it comes to CTF questions, so here I will briefly talk about the points that newbies need to pay attention to. Text Principles When the web application passes SQL statements to the backend database for database operations. If the parameters entered by the user are not strictly filtered, the attacker can construct a special SQL statement, directly input it into the database engine for execution, and obtain or modify the data in the database. Therefore, the essence of the SQL injection vulnerability is to execute the data entered by the user as code. There are two key conditions for SQL injection: the user can control the input content; the web application brings the user input content into
Post a Comment
Read more

Building your website locally by PHPstudy

Introduction After two weeks of study, I finally finished studying the front-end (HTML5, JavaScript) part of the web and the back-end (PHP, MySQL) part. Through this period of study, I can already independently create a login and registration page and submit its content to the MySQL database. Below, I will introduce in detail the whole process of how I built the login and registration pages. N.B. The domain name www.terry906.top in the watermark of screenshots formly belonged to me, so these screenshots were not copied from others! Text Preparation For rookies, I do not recommend renting or purchasing a virtual host (VPS) to practice building a website, because the building environment is complicated and difficult for rookies to understand. We can download an out-of-the-box software called PHPstudy on the computer to build a local website, deploy the WAMP (Windows+Apache+MySQL+PHP) environment within one click, and use virtual domain names to simulate the website environment. First, w
Post a Comment
Read more

Configuring DNSPod DDNS on Synology NAS to achieve external network access

 Introduction This article will explain in detail how to use the in-built DDNS function in Synology DSM to implement Tencent Cloud DNSPod dynamic domain name resolution. Here I will take the domain name purchased on Alibaba Cloud as an example. Text Transfer your nameservers to DNSPod Log in to the Alibaba Cloud console, search for "Domain Name Console" in the search box, click on your domain name and modify the DNS (mine has been modified before) to: f1g1ns1.dnspod.net f1g1ns2.dnspod.net Add domain name resolution Register dnspod and log in (you can also log in directly with a Tencent Cloud account), DNSPod official website: https://www.dnspod.cn/ . Click on your domain name, add an A record, and set the A record to resolve your domain name to any IP (e.g. 0.0.0.0). Then go to "Key Management" and click "Create Key", copy and save the generated ID and token. Please note that token information is only displayed once when created, so copy and save it in tim
Post a Comment
Read more

Enabling Intranet access to Synology DSM through domain name for Merlin firmware routers

Introduction I recently bought a Synology NAS, a DS218play machine that has been discontinued (due to lack of money), and started a long process of tinkering with it. Because I have been living on campus for a long time, I wanted to access the Synology NAS at home through the domain name to implement various functions, such as mapping disks on the external network.  However, due to the NAT loopback restriction set by the network providers in China, I later found that I cannot access the Synology NAS using the domain name in the Intranet of my home. After a long period of exploration, I finally succeeded! Here I will share with you the specific method, which can be achieved without putty or secureCRT. Text First download the WinSCP software online, as shown in the figure after downloading and installing. Select the SCP protocol. The host name is the IP of your router's management page. The username and password are the same as those used to log in to the routing management page. Jus
Post a Comment
Read more

Welcome to my blog!

This is the English version of my tech blog. However, as a student, I'm busy with my study and don't have enough time to translate my blogs into English. Sorry for the inconvenience! The link of my Chinese version tech blog is:  https://hackerterry.netlify.app
Post a Comment
Read more