Abstract:
This thesis explores the landscape of internet censorship, focusing on innovative strategies for evasion through HTTP Request Smuggling. Investigating the censorship scenarios in China, Iran, and Russia, we employ a test environment utilizing echo servers identified through Zmap. We successfully transfer a web security exploit to censorship evasion censorship and contribute to understanding and mitigating internet censorship. For this, we implemented an evasion scan tool and a tool that can automatically generate test vectors. We test these vectors against popular web servers and hosts to identify viable vectors, with which we then try to evade censorship. Although our censorship detection failed for Russia, we found vectors with significant probabilities of evading censorship for China and Iran.