DPI Tunnel Android INSTEAD.THIS PROGRAM WONT RECEIVE UPDATES ANYMORE! USE
DPI Tunnel is an application for Android that uses various techniques to bypass DPI (Deep Packet Inspection) systems, which are used to block some sites.
How to use
If you have root enable "Set DPITunnel proxy globally" option in DPI Tunnel settings and press on/off button.
If you don't have root and your device has android >= 5 you need to just press on/off button.
If you don't have root and your device has old android version you need to manually fill system proxy settings. Host is 127.0.0.1. Port specifed in "DPI Tunnel port" option, default is 8080.
How it works
DPITunnel for Android establishes a transparent proxy server on your phone and starts local VPN server, that forwards your traffic into the proxy server, where are DPI circumvention tricks applying.
How DPI works and some methods to bypass it
When you enter a URL in a Web browser, the first thing the Web browser does is to ask a DNS (Domain Name System) server, at a known numeric address, to look up the domain name referenced in the URL and supply the corresponding IP address. If the DNS server is configured to block access, it consults a blacklist of banned domain names. When a browser requests the IP address for one of these domain names, the DNS server gives a wrong answer or no answer at all. To overcome this problem DPI Tunnel uses DNS-Over-HTTPS technology, that sends DNS request in HTTPS packets.
DPI systems look for the Server Name Indication (SNI) field in the Client Hello packet. To bypass DPI we can send HTTPS request by parts, because MOST DPIs can't reconstruct TCP session.
There is a lot of methods.
First, we can split request in packets.
Second, we can modify HTTP packet, because most DPIs can extract site address only from standard HTTP packet. For example: we can replace Host: header with hOsT: or replace DOS end of line with UNIX. Don't worry, this modifications shouldn't break any website as they're fully compatible with TCP and HTTP standards.
Licensed under the MIT license. See LICENSE.
- TunProxy - VPN server and traffic interceptor
- RapidJSON - JSON library. MIT
- android-vpnservice - android VPNService example. Apache License 2.0
- tlse - TLS library. Used in this project to de/encrypt TLS traffic. BSD-2-Clause License
- OpenSSL - SSL/TLS toolkit. Used in this project to generate SSL certificates on the fly. Apache License 2.0