Created
January 11, 2015 13:39
-
-
Save bitinn/4d23b37330fc7bae73cb to your computer and use it in GitHub Desktop.
Random DNS response hijack in China
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
df-air:kneesocks df$ curl -x http://127.0.0.1:8002 --verbose --insecure https://twitter.com/ | |
* Hostname was NOT found in DNS cache | |
* Trying 127.0.0.1... | |
* Connected to 127.0.0.1 (127.0.0.1) port 8002 (#0) | |
* Establish HTTP proxy tunnel to twitter.com:443 | |
> CONNECT twitter.com:443 HTTP/1.1 | |
> Host: twitter.com:443 | |
> User-Agent: curl/7.37.1 | |
> Proxy-Connection: Keep-Alive | |
> | |
< HTTP/1.1 200 Connection established. | |
< Proxy-Connection: close | |
< Proxy-Agent: Kneesocks | |
< | |
* Proxy replied OK to CONNECT request | |
* TLS 1.0 connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA | |
* Server certificate: m.carrentals.co.uk | |
* Server certificate: Go Daddy Secure Certification Authority | |
* Server certificate: Go Daddy Class 2 Certification Authority | |
> GET / HTTP/1.1 | |
> User-Agent: curl/7.37.1 | |
> Host: twitter.com | |
> Accept: */* | |
> | |
< HTTP/1.1 200 OK | |
< Date: Sun, 11 Jan 2015 13:32:00 GMT | |
* Server Apache/2.2.14 (Ubuntu) is not blacklisted | |
< Server: Apache/2.2.14 (Ubuntu) | |
< X-Powered-By: PHP/5.3.2-1ubuntu4.7ppa5~lucid1 | |
< Set-Cookie: PHPSESSID=j496dg2nme3gpe0o919hojjbj0; path=/ | |
< Expires: Thu, 19 Nov 1981 08:52:00 GMT | |
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 | |
< Pragma: no-cache | |
< Vary: Accept-Encoding | |
< Transfer-Encoding: chunked | |
< Content-Type: text/html | |
< | |
* Connection #0 to host 127.0.0.1 left intact | |
<script type="text/javascript"> top.location.href='http://www.facebook.com/dialog/oauth?client_id=116510695090377&redirect_uri=http%3A%2F%2Fapps.facebook.com%2Fcar_rentals%2F&scope=user_birthday,email,user_hometown,user_location&state=fb_cr_redirect'</script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment