| UltraSurf is a well-know client application on the Internet. With the help of its private communication protocols and remoting servers as agents, it can be used to penetrate through the network control available, so as to make it accessible to remote information. This thesis analyzes the UltraSurf (version 8.8) by using tools, such as Ollydbg, Ethereal and Iptables. The main method includes"White Box"and"Black Box"of the software reverse engineering. The analysis concentrated on the working process, methods and algorithms of encryption and decryption, Internet connection of the software, and the analysis result includes the working principle of the software, the way to encrypt the communication between the machine and the proxy servers, and dynamic methods to get the IP address of the proxy servers. From the analysis result, a scheme to control the behavior of the UltraSurf was set up. We validate it by deploying the system in the lab network environment. The rest result of the current control system indicates that the current control system could make the users in the test environment unable to use UltraSurf, but browse other websites as usual.We also summarize the characteristics of this kind of software and raise a general analytical method based on the analysis of UltraSurf. |
PDF Full Text Request