Solemnly declare that this article is only for research, learning and technical exchange, and should not be used for commercial or illegal purposes. In case of any dispute, it has nothing to do with me.
In the long long ago, I knew that the udp53 bypassed the Web authentication to get online for free, but the speed of a server plus domestic bandwidth is fast enough to consume hundreds of dollars every month. It's better to spend nine yuan and nine yuan to open a campus network I saw it in the water group today
This is OK. Some people planted trees The following is the result of my Baidu Plus practice I Principle Introduction
Before connecting to a hotspot that requires web authentication, we have obtained an intranet IP address. At this time, if we visit an HTTP website, the gateway will hijack and tamper with the HTTP response message, and 302 will redirect us to a web authentication interface (so it is impossible for an HTTPS website to jump to the web authentication page). The detailed principle can Poke here
We have seen that the gateway (or switch) releases DHCP and DNS messages by default, that is, UDP 53 and UDP 67. Some gateways do not even check messages, which means that any form of data packet can pass through smoothly.
In this case, we can set up a server on the public network and use it to Free Admission On the Internet, you can also prevent network audit by the way - once again, the "free" deleted line is just spent on the server. The main breakthrough of our free Internet access this time is UDP 53. Of course, according to a friend's practice, UDP 67 can also bypass Web authentication, even those hotspots that UDP 53 cannot bypass. Of course, TCP 53 is also OK. After all, DNS also has TCP.
Ports selectable 53 67 68
II Environmental detection
Win port detection tool
Download: https://github.com/insoxin/btpanel-ss/raw/master/UDP53.exe
spare: https://github.com/insoxin/btpanel-ss/blob/master/UDP53.exe
If you can see the figure below
continue
If not, replace the following 53 ports with 67 68 ports. If three ports are still not available, give up
III Installation of pagoda ss plug-in
Prerequisite: Installed Pagoda Linux panel (The pagoda panel of any system is OK. The latest version of the pagoda is recommended.)
After installing the pagoda, log in to the terminal and execute the following command to install it:
- git clone https:
- cd btpanel-ss
- bash install.sh install
This is a very long time
All right, directly log into the pagoda Linux panel>>Open the software list page>>Go to the last page of the list to see the newly installed shadowlocks plug-in


Then enable it
Remember that netstat - antu can also be used for port check
V matters needing attention
1. Speed
When all data packets are allowed to pass through UDP 53, the speed mainly depends on your server's Outgoing bandwidth and The network speed of the hotspot itself 。
2. IP problems
The server is out of town, so Taobao Alipay and others need verification codes. In case of appeal in the future, remember to select the login area as the server location.
3. Safety issues
Some hotspots are open and not password protected, so man in the middle attacks can be easily carried out - even root Android phones can do it. It can prevent man in the middle attacks (there are server certificates in the configuration file). At the same time, I use AES-128-CBC encryption, which makes network auditing easy.
###Acknowledgement List
At the same time, the pagoda environment is equipped with the ss plug-in (which can bypass the Web authentication to access the Internet for free udp53
https://www.bennythink.com/udp53.html
https://github.com/BennyThink/UDP53-Filter-Type
https://github.com/shadowsocks
https://github.com/Liang2580/btpanel-ss
This article is written by Ji Changxin Author, article address: https://blog.isoyu.com/archives/bt-ss-udp53.html
use Knowledge Sharing Attribution 4.0 International License Agreement. Unless the reprint/source is indicated, they are all original or translated by this website. Please sign your name before reprinting. Last editing time: August 1, 2019 at 02:38 PM