bitinn/dns-hijack-china

## dns-hijack-china
df-air:kneesocks df$ curl -x http://127.0.0.1:8002 --verbose --insecure https://twitter.com/
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8002 (#0)
* Establish HTTP proxy tunnel to twitter.com:443
> CONNECT twitter.com:443 HTTP/1.1
> Host: twitter.com:443
> User-Agent: curl/7.37.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established.
< Proxy-Connection: close
< Proxy-Agent: Kneesocks
<
* Proxy replied OK to CONNECT request
* TLS 1.0 connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate: m.carrentals.co.uk
* Server certificate: Go Daddy Secure Certification Authority
* Server certificate: Go Daddy Class 2 Certification Authority
> GET / HTTP/1.1
> User-Agent: curl/7.37.1
> Host: twitter.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sun, 11 Jan 2015 13:32:00 GMT
* Server Apache/2.2.14 (Ubuntu) is not blacklisted
< Server: Apache/2.2.14 (Ubuntu)
< X-Powered-By: PHP/5.3.2-1ubuntu4.7ppa5~lucid1
< Set-Cookie: PHPSESSID=j496dg2nme3gpe0o919hojjbj0; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: text/html
<
* Connection #0 to host 127.0.0.1 left intact
<script type="text/javascript"> top.location.href='http://www.facebook.com/dialog/oauth?client_id=116510695090377&redirect_uri=http%3A%2F%2Fapps.facebook.com%2Fcar_rentals%2F&scope=user_birthday,email,user_hometown,user_location&state=fb_cr_redirect'</script>
	df-air:kneesocks df$ curl -x http://127.0.0.1:8002 --verbose --insecure https://twitter.com/
	* Hostname was NOT found in DNS cache
	* Trying 127.0.0.1...
	* Connected to 127.0.0.1 (127.0.0.1) port 8002 (#0)
	* Establish HTTP proxy tunnel to twitter.com:443
	> CONNECT twitter.com:443 HTTP/1.1
	> Host: twitter.com:443
	> User-Agent: curl/7.37.1
	> Proxy-Connection: Keep-Alive
	>
	< HTTP/1.1 200 Connection established.
	< Proxy-Connection: close
	< Proxy-Agent: Kneesocks
	<
	* Proxy replied OK to CONNECT request
	* TLS 1.0 connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	* Server certificate: m.carrentals.co.uk
	* Server certificate: Go Daddy Secure Certification Authority
	* Server certificate: Go Daddy Class 2 Certification Authority
	> GET / HTTP/1.1
	> User-Agent: curl/7.37.1
	> Host: twitter.com
	> Accept: /
	>
	< HTTP/1.1 200 OK
	< Date: Sun, 11 Jan 2015 13:32:00 GMT
	* Server Apache/2.2.14 (Ubuntu) is not blacklisted
	< Server: Apache/2.2.14 (Ubuntu)
	< X-Powered-By: PHP/5.3.2-1ubuntu4.7ppa5~lucid1
	< Set-Cookie: PHPSESSID=j496dg2nme3gpe0o919hojjbj0; path=/
	< Expires: Thu, 19 Nov 1981 08:52:00 GMT
	< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
	< Pragma: no-cache
	< Vary: Accept-Encoding
	< Transfer-Encoding: chunked
	< Content-Type: text/html
	<
	* Connection #0 to host 127.0.0.1 left intact
	<script type="text/javascript"> top.location.href='http://www.facebook.com/dialog/oauth?client_id=116510695090377&redirect_uri=http%3A%2F%2Fapps.facebook.com%2Fcar_rentals%2F&scope=user_birthday,email,user_hometown,user_location&state=fb_cr_redirect'</script>