We design, implement, and evaluate CovertCast, a censorship circumvention system that broadcasts the content of popular websites in real-time, encrypted video streams on common live-streaming services such as YouTube. CovertCast does not require any modifications to the streaming service and employs the same protocols, servers, and streaming software as any other user of the service. Therefore, CovertCast cannot be distinguished from other live streams by IP address filtering or protocol fingerprinting, raising the bar for censors.
This is proof of concept code and should NOT be used in production without further refining and testing of security.
See CovertCast-PETS16.pdf for details.
Both the client and server use Python3. The client is designed for Windows and also makes use of C++. The server is designed for Linux. If one operating system is desired, it will probably easier to port the client to Linux than the server to Windows.
pywin32 Download and install
nghttp2 My own personal hack
ffmpeg So annoying to get right <- Install instructions may be out of date.
ghost.py sudo pip install Ghost.py
numpy sudo apt-get install python3-numpy (Windows)
cv2 sudo apt-get install python3-opencv (Windows)
PIL sudo pip install Pillow
reedsolo sudo pip install reedsolo
bitstring sudo pip install bitstring
The client code is written for Windows. The server runs on Linux.
- Start up a RTMP live stream on YouTube.
- Run broadcast-yt.sh on the server (edit the script for your RTMP). If there is no out.jpg, run
python3 serverfor a second and then stop it. - Load the stream on the client in a browser (bigger box. not full screen. 720p video).
- Load another browser using an HTTP2 proxy pointed at the
h2ipinh2clientweb.py. - Start
python3 client.pyon the client. - Start the screen scraping code on the client.
- Start
python3 server.pyon the server.
Information about the individual code in each folder.
Contains the source code needed to run the thing.
broadcast-yt.sh Creates a silent RTMP video from out.jpg and streams
it to YouTube. You'll need to update the YouTube RTMP URL.
client.py Launches the client version of the code. See options with
python3 client.py --help
server.py Launches the server version of the code. See options with
python3 server.py --help
Some stored configuration files. config-server is read in
server.py.
Code used for logging and debugging.
Python lib containing some named tuples used in HTTP management.
The library we use for picking what links to prefetch.
Some various utility functions.
Code used in the modulation and demodulation of data and video.
clientframes2data.py converts individual images to data
clientvideo2frames.py converts video to individual frames
functions.py modulates/demodulates data (or metadata) from a frame
modulate.py deals with metadata and calls functions.py for frames/data
parameters.py hardcoded parameters
servervideo.py used to help create images and save them for ffmpeg
tests.py tests stuff
valid_image.py tests if a CovertCast image is valid
video_helper_functions.py lots of little things
Handles the HTTP/proxy stuff
We call the code that directs the web scraper ``guides''. Currently they load the main page of a news site and then iterate through the linked stories, sending one of them at a time.
The folder README covers a lot of important stuff
fake* are versions used for testing
h2* are newer versions of the web code. You should use these
h2guides picks what stories to read
C code used to scrap a browser window in Windows. Change the hwnd
variable in main to use a different browser/streaming
service. Interacts with code in
covertcast/video/clientvideo2frames.py