Bypass DNS hijacking in Iran - [Proof of Concept]

dns-server.js

'use strict';

// Proxy-Dns: https://www.npmjs.com/package/proxy-dns
let ProxyDNS = require('proxy-dns').default;
 
const dns = new ProxyDNS({
  ttl: 600
});

dns.use(function* (next) {
  
  //DNS is not case-sensitive (https://tools.ietf.org/html/rfc4343)
  //but the Filternet is! #bug
  
  this.req.question[0].name = this.req.question[0].name.toUpperCase();
  console.log(this.req.question[0]);
  yield next;
});
 
dns.listen(53);

How to run:

sudo node dns-server.js

---

With this proxy:

$ dig youtube.com @127.0.0.1

; <<>> DiG 9.8.3-P1 <<>> youtube.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 597
;; flags: qr rd; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;YOUTUBE.COM.           IN  A

;; ANSWER SECTION:
YOUTUBE.COM.        289 IN  A   173.194.39.5
YOUTUBE.COM.        289 IN  A   173.194.39.2
YOUTUBE.COM.        289 IN  A   173.194.39.14
YOUTUBE.COM.        289 IN  A   173.194.39.7
YOUTUBE.COM.        289 IN  A   173.194.39.1
YOUTUBE.COM.        289 IN  A   173.194.39.3
YOUTUBE.COM.        289 IN  A   173.194.39.8
YOUTUBE.COM.        289 IN  A   173.194.39.6
YOUTUBE.COM.        289 IN  A   173.194.39.4
YOUTUBE.COM.        289 IN  A   173.194.39.9
YOUTUBE.COM.        289 IN  A   173.194.39.0

;; Query time: 456 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb ** **:**:** 2016
;; MSG SIZE  rcvd: 205

Normal (Hijacked):

dig youtube.com @8.8.8.8

; <<>> DiG 9.8.3-P1 <<>> youtube.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41653
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;youtube.com.           IN  A

;; ANSWER SECTION:
youtube.com.        889 IN  A   10.10.34.36

;; Query time: 85 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb ** **:**:** 2016
;; MSG SIZE  rcvd: 45