V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member Sign In
This topic created in 2226 days ago, the information mentioned may be changed or developed.
刚刚注意到 *.github.io 的连接都被劫持了,证书变成了一个自颁发的无效证书,还留了个 QQ 号
挂代理是没问题的
询问其他省的朋友也是如此
Supplement 1 · Mar 27, 2020
部分地区似乎已经开始恢复了。
 |
1
mayx Mar 26, 2020 via Android
我这里直接 reset 了
|
 |
4
hahasong Mar 26, 2020
湖北电信可复现,一样是这个 QQ
|
 |
5
lzp7 Mar 26, 2020
移动宽带复现成功 与该主题中截图的证书相同
|
 |
6
genezx Mar 26, 2020
上海、浙江、湖北、广东、电信、联通全部中招
|
 |
7
randyo Mar 26, 2020 via Android
这不抓起来判几年?
|
 |
8
yulihao Mar 26, 2020
移动复现
根据 TCP Tracert 443,都还没出国就事先响应了 |
 |
9
tankren Mar 26, 2020
这么傻还留个人信息的?
|
 |
10
xiri Mar 26, 2020
|
 |
11
ronman Mar 26, 2020 via Android
移动不能复现啊,试了几个网站都正常
|
 |
12
yujiang Mar 26, 2020 via Android
福建电信,中。留 QQ 号我还是第一次见。。。太蠢了吧
|
 |
13
abclucifer Mar 26, 2020
电信不能复现
|
 |
14
hszhakka2ex Mar 26, 2020
难怪之前几周我在 4G 网下访问 github.io 都经常打不开。
|
 |
15
Curtion Mar 26, 2020
四川电信一样
|
 |
16
hoyixi Mar 26, 2020
那个 QQ 估计就是个摆设。
几年前的一次,某网站的访问都被重定向到一个英文 blog,当时大家还猜测这个 blog 当天的广告费是不是赚爽了 |
 |
17
allenby Mar 26, 2020 via Android
福建移动中
curl -k -v https://z.github.io * Rebuilt URL to: https://z.github.io/ * Trying 185.199.109.153... * TCP_NODELAY set * Connected to z.github.io (185.199.109.153) port 443 (#0) * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /system/etc/security/cacerts * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=SERVER; [email protected] * start date: Sep 26 09:33:13 2019 GMT * expire date: Sep 23 09:33:13 2029 GMT * issuer: C=CN; ST=GD; L=SZ; O=COM; OU=NSP; CN=CA; [email protected] * SSL certificate verify result: self signed certificate in certificate chain (19), conti nuing anyway. > GET / HTTP/1.1 > Host: z.github.io > User-Agent: curl/7.58.0 > Accept: */* > < HTTP/1.1 200 OK < Connection: keep-alive ...... |
 |
18
lshero Mar 26, 2020  8
|
 |
19
webshe11 Mar 26, 2020
教育网复现成功
|
 |
20
4DAX07B8Kle4Dm6T Mar 26, 2020
安徽电信复现
|
 |
21
yujizmq Mar 26, 2020
上海电信:
# echo | openssl s_client -servername z.github.io -connect z.github.io:443 2>/dev/null | openssl x509 -noout -subject subject=C = CN, ST = GD, L = SZ, O = COM, OU = NSP, CN = SERVER, emailAddress = [email protected] 上海联通: # echo | openssl s_client -servername z.github.io -connect z.github.io:443 2>/dev/null | openssl x509 -noout -subject subject=C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = www.github.com |
 |
22
RyuZheng Mar 26, 2020
广州电信,成功复现
|
 |
23
unixeno Mar 26, 2020 via Android
武汉电信成功复现
|
|
24
webshe11 Mar 26, 2020
-----BEGIN CERTIFICATE-----
MIIB4TCCAYcCFDjGwZUOfrr1+SWHR5GxJ/rwXsHZMAoGCCqGSM49BAMCMHExCzAJ BgNVBAYTAkNOMQswCQYDVQQIDAJHRDELMAkGA1UEBwwCU1oxDDAKBgNVBAoMA0NP TTEMMAoGA1UECwwDTlNQMQswCQYDVQQDDAJDQTEfMB0GCSqGSIb3DQEJARYQMzQ2 NjA4NDUzQHFxLmNvbTAeFw0xOTA5MjYwOTMzMTNaFw0yOTA5MjMwOTMzMTNaMHUx CzAJBgNVBAYTAkNOMQswCQYDVQQIDAJHRDELMAkGA1UEBwwCU1oxDDAKBgNVBAoM A0NPTTEMMAoGA1UECwwDTlNQMQ8wDQYDVQQDDAZTRVJWRVIxHzAdBgkqhkiG9w0B CQEWEDM0NjYwODQ1M0BxcS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASJ 27aMaVclvmdT8m6l98K999FM4dYTg4ag0627S2bxbLYHyLdQ0jqay5kA9KCF9Ucw uzcqtTrNERlLIsxDGkLjMAoGCCqGSM49BAMCA0gAMEUCIH1+jEiQTVA+siP2g9kw ITFZZINVKyET48788OSCLK1hAiEA+c5bJvnrdtZ1rbsLXJWtglkXSeBaHy5Wdt7w dGc7McM= -----END CERTIFICATE----- |
|
25
Curtion Mar 26, 2020 1
 emmm... |
 |
26
lework1234 Mar 26, 2020
上海电线也这样
|
 |
27
wenyifancc Mar 26, 2020
江苏联通 4G/5G 成功复现
|
 |
28
AII Mar 26, 2020
目前看来只有 443 端口 TCP 路由被劫持了,DNS 无误,80 端口和 ICMP 都正常。
海外正常,仅国内有这个问题。 |
 |
29
codevvvv9 Mar 26, 2020
我的网站 nicebluejs.com ,也中招了,这时候怎么办呢,打不开了
|
 |
30
Vinceeeent Mar 26, 2020
有人能解释一下原理吗? 是 TLS 连接时 CA 认证过程中被劫持了?
|
 |
31
zackxu233 Mar 26, 2020
深圳电信成功复现。同时前 2 分钟访问 JD 也出现了~
|
 |
32
tsening Mar 26, 2020
福建电信成功复现
|
 |
33
windyskr Mar 26, 2020 via Android
杭州阿里云
tcping github.io 80 traceroute to github.io (185.199.108.153), 255 hops max, 60 byte packets seq 0: tcp response from 185.199.108.153 (185.199.108.153) <syn,ack> 177.346 ms traceroute to github.io (185.199.111.153), 255 hops max, 60 byte packets seq 1: tcp response from 185.199.111.153 (185.199.111.153) <syn,ack> 209.708 ms traceroute to github.io (185.199.109.153), 255 hops max, 60 byte packets tcping github.io 443 traceroute to github.io (185.199.108.153), 255 hops max, 60 byte packets seq 0: tcp response from 185.199.108.153 (185.199.108.153) <syn,ack> 4.570 ms traceroute to github.io (185.199.110.153), 255 hops max, 60 byte packets seq 1: tcp response from 185.199.110.153 (185.199.110.153) <syn,ack> 4.429 ms traceroute to github.io (185.199.109.153), 255 hops max, 60 byte packets seq 2: tcp response from 185.199.109.153 (185.199.109.153) <syn,ack> 16.266 ms |
 |
34
techoc Mar 26, 2020
武汉电信复现成功~
|
 |
35
csy123 Mar 26, 2020
重庆联通成功复现
|
 |
36
Mogugugugu Mar 26, 2020
山东联通中招、、、
|
 |
37
marquina Mar 26, 2020
北京联通复现成功
|
 |
39
onion83 Mar 26, 2020
今年 1 月份左右阿里云的 oss 域名也被干了,相同的 qq 相同的证书 ... 排除 dns 污染的可能性,工单排查了半天,最后不了了之。
|
|
40
marquina Mar 26, 2020
北京阿里云复现成功
|
 |
41
ZeroYe Mar 26, 2020 via Android
深圳电信复现了,是个狠人
|
 |
42
fancy111 Mar 26, 2020
哈哈,厉害哦。。。 话说回来,这种在线储存运行类的是很容易被黑。
想不通这样做的意义在哪里 |
 |
43
Xusually Mar 26, 2020
北京电信复现
|
 |
44
zhouyou457 Mar 26, 2020
四川电信复现..
|
 |
45
n0way404 Mar 26, 2020 via Android
湖北襄阳电信复现。
|
 |
46
charslee013 Mar 26, 2020
广东移动复现....
|
 |
47
czwstc Mar 26, 2020 via iPhone
上海联通复现...怎么做到的...哪里出了问题?
|
 |
48
manami Mar 26, 2020 via Android 1
这老哥厉害了,服
|
 |
49
0x4F5DA2 Mar 26, 2020
上海电信复现
|
 |
50
oicebot Mar 26, 2020
福建电信表示也挂了
|
 |
51
justin2018 Mar 26, 2020 1
腾某云
curl -k -v https://z.github.io * SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: [email protected],CN=SERVER,OU=NSP,O=COM,L=SZ,ST=GD,C=CN * start date: Sep 26 09:33:13 2019 GMT * expire date: Sep 23 09:33:13 2029 GMT * common name: SERVER * issuer: [email protected],CN=CA,OU=NSP,O=COM,L=SZ,ST=GD,C=CN |
 |
52
fm93jt Mar 26, 2020
浙江联通 移动没有复现,电信等我明天上班去公司试试看
|
 |
53
PerFectTime Mar 26, 2020 1
群关系可查到此 Q
|
 |
54
patrickyoung Mar 26, 2020
|
 |
55
Takuron Mar 26, 2020 via Android
山东联通复现
有没有可能和朝廷有关? |
 |
57
justfindu Mar 26, 2020
江苏联通复现
|
 |
58
gamexg Mar 26, 2020
山东电信复现
|
 |
59
CloudnuY Mar 26, 2020 via iPhone
建三江一中 ZhangY 同学牛皮啊
|
 |
60
Mahayu Mar 26, 2020
浙江电信复现
|
 |
61
hjsbs Mar 26, 2020
广东电信复现
|
 |
62
zx1239856 Mar 26, 2020
安徽电信 4G 复现 联通直接无法访问
|
 |
63
h503mc Mar 26, 2020
福建电信宽带 复现成功
|
 |
64
cwbsw Mar 26, 2020
在测试 GC 吗?
|
 |
65
Reficul Mar 26, 2020
Page 套了 Cloudflare 的表示情绪稳定
|
 |
67
zhaoyong1990 Mar 26, 2020 via Android
深圳电信复现
|
 |
68
flasktest1 Mar 26, 2020
陕西电信宽带 复现成功
|
|
69
zhaoyong1990 Mar 26, 2020 via Android
东莞联通 reset
|
 |
70
jousca Mar 26, 2020
四川移动直接 RESET
|
 |
71
JoDragon Mar 26, 2020
北京联通复现,fq 没问题
|
 |
72
raysonx Mar 26, 2020
北京联通复现成功,这种大规模的劫持似乎只能在国际出口处做,可怕。
|
|
73
jousca Mar 26, 2020
说明 GFW 在大规模升级功能 /
|
 |
74
xsy2004 Mar 26, 2020 via iPhone
江西电信好像没问题?也可能是我挂了梯子的原因叭
|
 |
75
zouqiang Mar 26, 2020
深圳电信也出现了
|
 |
77
learningman Mar 26, 2020 via Android
@xsy2004 江西电信直接打不开,你走代理肯定不会有问题啊。。。
|
 |
78
stgmsa Mar 26, 2020
山东电信 山东联通均中招。
|
 |
79
tia Mar 26, 2020
陕西联通 reset
|
|
80
raysonx Mar 26, 2020
大胆推测一下 OU=NSP 的含义? Network/National Security Product/Polluter?
|
 |
81
pxmxxp Mar 26, 2020
安徽移动上不去
|
 |
82
heart4lor Mar 26, 2020
江苏电信复现
|
 |
83
spicecch Mar 26, 2020
深圳电信复现
|
|
84
heart4lor Mar 26, 2020
挂了代理就正常了,怕不是过滤升级
|
 |
86
lwp2070809 Mar 26, 2020
https://blog.csdn.net/yhyhyhy/article/details/51248497
这个帖子下面的评论显示 QQ 账号可能为此人所有 https://me.csdn.net/blog/qq_29158525 |
 |
87
Sekai Mar 26, 2020
没复现...可能是用着自建的 dns 的原因
|
 |
88
hhhsuan Mar 26, 2020 via Android 1
QQ 号是无意义的,还真以为一个人有这种能力吗?只有墙才有能力干这种事。
|
 |
91
happylty Mar 26, 2020
|
|
93
xsy2004 Mar 26, 2020 via iPhone
@learningman 我不走代理复现了
|
 |
94
dorothyREN Mar 26, 2020
我這裡 jetbrains 家的軟件 一直彈出 未信任的證書
|
|
95
dorothyREN Mar 26, 2020
|
 |
96
whileFalse Mar 26, 2020
ls 诸位麻烦吧你们解析出的 IP 贴出来看看喽。
|
 |
97
Tink PRO 真的牛逼
|
 |
98
CommandZi Mar 26, 2020
广州电信,复现。是不是国产根证书要安排上了<_<
|
 |
100
HXHL Mar 26, 2020
福建移动复现
|
Select Language