Get Windscribe
Windscribe as a development tool — spoofing and debugging
Guides and Tutorials Technical

Windscribe as a development tool — spoofing and debugging

Yegor Sak
Yegor Sak

Remember R.O.B.E.R.T.? It’s the tool we created to help you block undesirable domains at the DNS level (or whitelist blocked domains that appear in our custom blocklists). Well, we’ve updated it to also allow for a new feature: spoofing.

What’s Domain Spoofing?

When you request a website, say windscribe.com, your browser needs to lookup the IP address of the site you are trying to reach. It does this by performing a DNS lookup against your OS configured DNS server, which then returns the IP address you should connect to. When you use Windscribe and R.O.B.E.R.T. together, the same thing happens, except for the groups of domains you choose to block. R.O.B.E.R.T. doesn’t bother looking up the IP addresses of these blocked domains and instead spoofs the records to 0.0.0.0 which makes the domain non-routable, and therefore “blocked”.

What we’ve added is a way to easily spoof (fake resolve) any domain to the IP address of your choice, all while you’re connected to Windscribe.

…Why?

You may be thinking, “I can already do that with a hosts file”, and you are technically right — but only for a desktop computer. If you are trying to do this from another device, you are in for a bumpy ride. Spoofing domains through Windscribe makes it infinitely easier and has some advantages:

  1. It works on all devices, including mobile. Simply connect to any Windscribe server, on any device, and your “remote hosts file” is enforced.
  2. Unlike the hosts file, R.O.B.E.R.T. supports wildcard domains. This means that spoofing domain.com will also spoof all of it’s sub-domains (unlimited levels) as well, redirecting to an IP of your choice.
  3. It’s flexible. You can temporarily spoof a real domain name, say that of your website, and point it to a different server IP, your local machine, or your Windscribe static IP address if you have port forwarding enabled.
  4. It’s cool. Want 9gag.com to point to Pornhub servers? No problem! Why? Because.

How to spoof with R.O.B.E.R.T. — a simple example

  1. Head over to the R.O.B.E.R.T. panel in the “My Account” section of our website, and click on “Custom Rules”.
  2. Create a SPOOF rule for a domain of your choice, it can be a real domain, or a completely fake one, let’s say nardvpn.crap
  3. Point it to an IP address of your choice, we’ll use 127.0.0.1 as an example
  4. Apply the settings
  5. Start a web server on your computer
  6. Go to http://nardvpn.crap
  7. Behold! It works!

How to spoof —a “useful” example

  1. Create a reddit.com clone and make your shitty meme post featured on the fake reddit homepage
  2. Host it somewhere
  3. Create a SPOOF rule for reddit.com and point it to your server IP
  4. Connect to Windscribe
  5. Load reddit.com on your phone and impress your gullible friends with your dank memery

R.O.B.E.R.T. Debug Mode

What is this debug mode, you ask? Well, it’s a feature that allows you to fine tune your R.O.B.E.R.T. block list to avoid scenarios like these:

  • A domain is being blocked by R.O.B.E.R.T. and is breaking a feature in an app on your phone.
  • A domain is not being blocked and you see ads on a specific website or application

In order to use this feature:

  1. Go into your R.O.B.E.R.T. tab in the “My account” section of our website, go to the “Custom Rules” tab, and click the Debug button at the top.
  2. Connect to any Windscribe server, select which types of DNS responses you wish to log, and then click the “Start Debugging” button.
  3. Reproduce the issue you were trying to resolve
  4. Click “Stop & Get Logs” button to view the collected log
  5. Modify your custom rules appropriately to fix the problem

Privacy Implications

Don’t get your privacy pitchforks out just yet, we built this system with privacy explicitly in mind. When the debug logs are enabled by the user, they are never stored in a permanent place like a database. They only exist on the VPN server itself, in R.O.B.E.R.T.’s memory. When you stop debugging in order to view the logs, they are sent directly to your browser and immediately discarded. If you close the page, or disconnect, the logs will no longer be available to anyone, including us.

Additionally, while query logs are stored in R.O.B.E.R.T.’s memory, they are not tied to your Windscribe account, just your connection to the specific VPN server. This means that even with the impossibly low chance that someone gets access to this log, like by hacking our server, it will not identify you personally.

Finally, keep in mind that this feature is entirely optional. If you have no use for it, simply forget it’s there and nothing changes for you.

Yegor Sak
Yegor Sak
You might also like
How to Bypass the “Online News Act” Canadian News Block on Meta’s Instagram and Facebook
Guides and Tutorials
members

How to Bypass the “Online News Act” Canadian News Block on Meta’s Instagram and Facebook

Rebecca Rosenberg
Rebecca Rosenberg
Windscribe Firewall: Explained
Guides and Tutorials
members

Windscribe Firewall: Explained

Rebecca Rosenberg
Rebecca Rosenberg
Transparency at Windscribe
Guides and Tutorials
members

Transparency at Windscribe

Graham C
Graham C