Jump to content

Making Socks Proxy To Work With Jasager ?!

glider

By glider
in WiFi Pineapples Mark I, II, III

 Share

Recommended Posts

glider Newbie

glider

Posted
Posted

Hello,

I'd like to ask if it is possibole to make a SOCKS proxy to receive any connection made by one of the Jassager's wireless clients.

I'm interested in writing a security proxy that inspects all TCP sessions (security man in the middle),

So far, i have not found any hints about previous work and iptables seems too raw (it routes a specific session and looses the information about where it originally wanted to go).

help is much appreciated.

Glider

Link to comment
Share on other sites
glider Newbie

glider

Posted
  • Author
Posted (edited)

What are you trying to achieve? This doesn't sound like a tool that would work with Jasager rather one that should be on a bare OpenWrt install, purely to make your life easier.

I'm simply trying to better utilize the Jasager as a "man in the middle".

It seems to me that the Jasager can do some very primitive "man in the middle tasks" and I was more hoping to master the TCP session which is being created by a network node on it's way to the destination (any port, any destination ip).

If there is a way to master the TCP session (serve the client and open a new connection to the target), one could embed new content in client's web pages, solicit for installing root certificates on the client and eventually elevate to be SSL/TLS man in the middle.

the best way of mastering all TCP sessions is to (somehow) wrap all client outgoing connections for a standard SOCKS or HTTP proxy (without a client ever noticing) and tweaking the proxy code (external to Jasager) to do various tasks, weather malicious or positive (virus scanning, parental monitoring, commercial embedding, etc).

if any idea comes to mind about how to demonstrate that, this will save me a great time.

thanks

Glider

Edited by glider
Link to comment
Share on other sites
digininja Grand Master

digininja

Posted
Posted

Modify the default route so it goes through a PC with some power and do all that kind of thing on there. I'd go for transparent web proxy, sslstrip and stuff like that. You can also run things like that on the Fon using iptables to redirect traffic but it isn't really powerful enough to do anything that requires heavy lifting.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...