We describe a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China, causing middleboxes to reveal up to 125 bytes of memory. Over a two-year period beginning in October 2021, we conducted longitudinal measurements, reverse-engineered the injection parsing logic, evaluated the impacts of leaked information, and monitored patching behaviors through March 2024. This research received the 2025 Best Practical Paper From FOCI Community award.
@inproceedings{fan2025wallbleed,
title={Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China},
author={Fan, Shencha and Sippe, Jackson and San, Sakamoto and Sheffey, Jade and Fifield, David and Houmansadr, Amir and Wedwards, Elson and Wustrow, Eric},
booktitle={Network and Distributed System Security (NDSS) Symposium},
year={2025}
}