4

The financial website https://wex1.in got it’s domain name deleted but it’s still possible to reach it by adding 104.25.31.35 wex1.in to etc/hosts files on a ᴘᴄ.

So how to access the website without editing /etc/hosts?

user2284570
  • 459
  • 1
  • 9
  • 26
  • You need some DNS server that has this record. – iBug Jan 03 '19 at 03:28
  • @iBug I’m talking about a public website. So this isn’t possible. – user2284570 Jan 03 '19 at 14:56
  • Then you're out of luck – iBug Jan 03 '19 at 14:57
  • @iBug many users like me ended up trusting such website which had no problem between 2011 and 2017. So this a question worthing more than 100 million (literally) with more than 8000 for me. – user2284570 Jan 03 '19 at 15:05
  • I agree. I don't have time to write a detailed answer now, but with my experience and expertise I don't think it's possible without editing /etc/hosts, as said in your question. – iBug Jan 03 '19 at 15:08
  • @iBug and the answer isn’t for me but for authorities. So for more than 100 millions in money combined, you're out of luck is not an acceptable answer. – user2284570 Jan 03 '19 at 16:41

1 Answers1

4

There are a few options you can go with:

  • Enter IP address directly (with port 80 or 443) to web browser's address bar instead of domain name. But this won't work if web server relies on host header or SNI for virtually hosting multiple websites on same IP address.

  • It's possible to use VpnService API of Android to capture all DNS traffic without rooting phone. That's how apps like this and this work. Then the VPN app may use a custom hosts file before making queries to configured upstream DNS server. Virtual Hosts is an open-source app to achieve this.

  • As suggested by @iBug, you can setup a DNS server (locally or on cloud) and configure your phone to use that for DNS queries. For instance if using dnsmasq, add address=/wex1.in/104.25.31.35 to “dnsmasq.conf”. Or on dnscrypt-proxy add wex1.in 104.25.31.35 to “cloaking-rules.txt”.
    Similarly other DNS servers can be configured to return a predefined IP address for a specific name.

  • Configure phone to use a proxy or VPN and then add the entry 104.25.31.35 wex1.in in hosts file on proxy server or run a local DNS server on VPN server.

  • If you don't want to root the device but bootloader is unlocked (or possible to unlock) and a custom recovery is available, mount /system in recovery and edit hosts file there. Set proper permissions; ownership, mode and SELinux label.

    If you don't want to modify /system partition (e.g. to not break dm-verity or OTAs), it's possible to bind mount a custom hosts file from somewhere on /data. But that would require some extra effort like defining an init service, modifying SELinux policy etc.

Make sure not to use Private DNS (on Android 9+) so that DNS queries always go on port 53 unencrypted.

PS: Same methods can be used to block ads without rooting phone.

Community
  • 1
Irfan Latif
  • 20,353
  • 3
  • 70
  • 213