Search the Community
Showing results for tags 'http injector'.
Hello, can someone help me understand this kind of situation I'm(almost every one in my country who uses this) in? Lets see... Our country ISP provides DATA capped net for everyone per promo. The month since november, there's this single promo which gives additional 1 Gigabye of Data for Facebook and Instagram. And that only limits the access to FB and IG. No google, youtube, disocrd, reddit, etc. Well, sometimes, there's google and other sites, but it's kinda 50/50. Since it's only limited to FBIG. So, instead, what average people do(and by average, non tech savvy), is download an app called HTTP Injector and then use configurations files made by the users too. HTTP Injector is a VPN app. Somewhat. So, when the correct config is used. It's possible to bypass Facebook and Instagram limits. Hence, allowing us to browse other sites as well. Here's a sample stuff I used using ovpn instead of http injector(only limited to android): remote [ssh server ip] [port] http-proxy [ip] [port] http-proxy-option CUSTOM-HEADER CONNECT HTTP/1.1 http-proxy-option CUSTOM-HEADER Host connect.facebook.net http-proxy-option CUSTOM-HEADER X-Online-Host connect.facebook.net http-proxy-option CUSTOM-HEADER X-Forward-Host connect.facebook.net http-proxy-option CUSTOM-HEADER Connection Keep-Alive http-proxy-option CUSTOM-HEADER Proxy-Connection Keep-Alive (edited) As for http injector, it uses CRLF exploit( i think??) but the keywords are still the same What it does is creates a VPN connection and redirects all network access to the said VPN. Hence, allowing us to surf other websites instead to only being limited to FB and IG. Of course, when the VPN is turned off, it won't work anymore. Although this method doesn't bypass the data capping limit of 1gb, it's still enough to surf the web. Some sort. There are other times on where people where able to bypass the data capping limit of 1 gb, but i don't know what payload/host they are using since it was kept secret at all times to avoid detection from the isp. Message #general