Comments (6)
I believe it would cover a lot more user needs that way :)
from transparent-proxy.
Through the nature of transparent-proxy, data is up/downstreamed as it is (even encrypted).
You could try to implement an sslStrip-Mechanism by capturing/modifyng the session-data before certificates are exchanged.
Honestly, I am still undecided whether to add such a new feature. Any suggestions?
from transparent-proxy.
I added the "isHttps"-Attribute to sessionInstance. Download version 1.6.5 and try something like this:
const server = new ProxyServer({
verbose: true,
injectResponse: (data,session) => {
if(!session.isHttps) {
console.log('SESSION-DATA', data.toString()) //you can spoof here
return Buffer.from(data.toString().replace('something', 'replaced_'));
}
return data;
}
});
I will provide this on README.
!!REMEMBER that replaced text should have same length of original!
from transparent-proxy.
Awesome!!!
Can you also do an example of injectRequest before it reaches destination? 😅
from transparent-proxy.
As the same way, try something like:
const uaToSwitch = 'curl/7.55.1';
const switchWith = 'My Super Fucking Spoofed UA!';
const server = new ProxyServer({
verbose: false,
injectData: (data, session) => {
if (!session.isHttps) {
// console.log('SESSION-DATA', data.toString()) //you can spoof here
if (data.toString().match(uaToSwitch)) {
const newData = Buffer.from(data.toString()
.replace(uaToSwitch, switchWith));
// console.log('data', data.toString());
// console.log('newData', newData.toString());
return newData;
}
}
return data;
}
});
I added some new examples. Here is a working example of "injectData":
https://github.com/gr3p1p3/transparent-proxy/blob/master/examples/spoofRequest.js
I'm sure it can help to better understand! :)
from transparent-proxy.
I add a new feature to intercept encrypted-data. The "intercept"-Attribute :) It will break secure-connection (obvious), but it allows to intercept & spoof data.
Here a new example: https://github.com/gr3p1p3/transparent-proxy/blob/master/examples/interceptRequest.js
You need to download @1.7.0 for this ^^
from transparent-proxy.
Related Issues (20)
- Connect to other proxy using credentials HOT 2
- Library broke https requests if I set upstream proxy with credentials HOT 8
- Make upstream function async again 😄😄😄 HOT 1
- Close Connections HOT 1
- How can i redirect my 4G client connection HOT 3
- async `injectData` against https does not work with multipart HOT 7
- Use http-parser-js for parseDataToObject HOT 6
- Enable discussions in this repository? HOT 1
- Responses w/o headers crash the proxy HOT 1
- Performance Issue between v1.12.0 & > v1.12.1 HOT 1
- Handling Transfer-Encoding: chunked in injectResponse HOT 5
- session.request.complete Transfer-Encoding: chunked gzip concatenated rawResponse gunzip issue HOT 20
- Add socks proxy support for upstream proxy option HOT 2
- `.getBridgedConnections()` fails to run HOT 2
- Wrong `_response.complete` definition HOT 1
- Allow proxy to verify upstreamHost SSL HOT 5
- Support HTTP range requests HOT 2
- isValidASCII appears to break websocket connections HOT 1
- https does not work for me HOT 1
- How to decrypt a GZIP response? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from transparent-proxy.