Published on October 14, 2007
Webpage proxying “surfing to the same page all day long” Michael Hendrickx <email@example.com> www.code.ae
Proxy • Doesn’t have to be proxy *server* • Web server can serve HTTP content • Web scripts can retrieve HTTP content • So, dynamic web content can be used as a proxy www.code.ae
Webpage Proxy: use? • Government censors Internet, blocks content • Corporate content filtering • Privacy needed in certain cases www.code.ae
Introducing “phrogsy” • Proxy -> Phrogsy – Hey, it’s only a name • Idea sprung up during development of covert channel PoC • Allows surfing through a web page • Increases surfing privacy • Bypasses proxy restrictions www.code.ae
How to.. erm.. “phrogsy”? • Download phrogsy • Install firefox extension • Upload PHP or perl script to *your web server *server you have access to • Ready to go www.code.ae
Phrogsy • How webpage proxying works: Transparent connection Target website Proxy SITM server* Site in the middle (optional) www.code.ae
Phrogsy 5. response 6. response Target website SITM Site in the middle 3. Browser connects to SITM, passes on target URL 1. User requests page (target) 4. SITM sends request to target 2. Browser rewrites URL to SITM website www.code.ae
Security issues • SITM will be able to see your requests • SSL (target) is not supported yet • SITM can reside on SSL server you SITM Target Proxy server www.code.ae
SSL - privacy • If you connect to SITM over SSL, (mandatory/transparent) proxy server won’t see your traffic • Optional Base64 possible SSL you SITM Target Proxy server www.code.ae
You (browser) • (Currently only) Firefox extension • Rewrites target URL to SITM • On recv(), rewrites SITM back to original target you SITM Target Proxy server www.code.ae
You (browser) • URL entered in FireFox http://www.evil.com/ • Rewritten to http://SITM/?page= http://www.evil.com/ • Reply is seen as “coming from SITM” • Reply is rewritten: http://SITM/?page= http://www.evil.com/ Becomes http://www.evil.com/ www.code.ae
Site in the Middle • (for now) PHP & Perl scripts • socket connection to target • Passes on vars (cookie, post data, ..) you SITM Target Proxy server www.code.ae
Proxy server • Proxy server only sees legitimate traffic – http://sitm/ is not blocked – http://target/ is blocked Often outside of ISP restrictions, depending on geographical status Results in “blocked error page” Allowed *Allowed you SITM Target Proxy server www.code.ae
HTTP Connection • As said before, SSL is possible • Base64 encoding to avoid keyword detection • Crypt (charCodeAt()+1) optional you SITM Target Proxy server www.code.ae
Constraints • Caching can mess up things sometimes • URL doesn’t get rewritten properly • Hosting provider can block outgoing connections www.code.ae
Future? • More SITM platforms (asp, aspx, etc…) • More fiddling with mod_rewrite • Proxy chaining? – Integration into TOR (tor.eff.org) www.code.ae
Questions? Email: firstname.lastname@example.org Or catch us on www.code.ae www.code.ae
Set-OWAVirtualDirectory -Identity "Contosoowa (Default Web site)" -CrossSiteRedirectType Silent. ... In an Exchange 2010 proxying environment, ...
SSL Proxying. Charles can be used as a man-in-the-middle HTTPS proxy, enabling you to view in plain text the communication between web browser and SSL web ...
Email; Microsoft Exchange 2010 – Using Proxying and Redirection (Part 2) Cross-Site Silent Redirection. Exchange 2010 SP2 lets administrators configure ...
Posts: 13 Joined: 9.Jun.2006 Status: offline: Hi I have a quick question regarding the use of firewall clients and ISA 2006. I have found a few websites ...
In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking ...
When processing page-based templates, the portal servlet uses a process called proxying to help ensure that users always stay within the context of the ...
In this case the First CAS will return a web page that contains a link to the correct ... I will cover how Exchange 2007 CAS Proxying works for ...
Posts about web proxying written by northernuc. NorthernUC The World of Lync 2010 & Lync 2013. Search. Main menu. Skip to primary content. Skip to ...
The latest Tweets from Proxying (@_Proxying). Pixelmon Developer. Fife, Scotland