revolunet/injector.py

## injector.py
#-*- encoding: UTF-8 -*-

import os
import sys
import re

PROXY = '%s.myproxy.com' % os.environ.get('host','')

lines = sys.stdin.readlines()
html = ''.join( lines )

def replaceUrls( inTxt, host ):
        r = re.compile('https?://[^\'"/\s%:#]+', re.MULTILINE|re.IGNORECASE)
        m = r.findall( inTxt )
        return  re.sub(r, '\g<0>.%s' % host, inTxt)

print replaceUrls( html, PROXY  )

# inject custom javascript
print '<script language="javascript">alert("injected!");</script>'

sys.exit(1)

## vhost.conf
<VirtualHost *:80>
        ServerAlias *.myproxy.com

        UseCanonicalName Off

        LogLevel debug
        ProxyHTMLLogVerbose Off
        ProxyHTMLExtended On
        ProxyHTMLMeta On
        ErrorLog  /var/log/apache2/error-myproxy.log
        CustomLog /var/log/apache2/access-myproxy.log combined

        ProxyRequests Off
        ProxyPreserveHost Off

        RewriteEngine On

        RewriteCond %{HTTP_HOST} ^(.+)\.myproxy\.com
        RewriteRule ^(.*)$ http://%1$1 [P,E=target:%1,E=host:%{HTTP_HOST}]

        ProxyPassInterpolateEnv On

        ExtFilterDefine injector mode=output intype=text/html outtype=text/html;charset=utf-8 cmd="/usr/bin/python /root/scripts/injector.py" disableenv=BRIDGE

        <Location />
                Order deny,allow
                deny from all
                allow from W.X.Y.Z
                ProxyHTMLInterp On
                ProxyHTMLURLMap http://${target}/ / v
                BrowserMatch MSIE force-response-1.0
                RequestHeader unset Accept-Encoding
                SetOutputFilter proxy-html;injector
                RequestHeader set X-Forwarded-Host "%{target}e"
        </Location>

        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
</VirtualHost>
	#-- encoding: UTF-8 --

	import os
	import sys
	import re

	PROXY = '%s.myproxy.com' % os.environ.get('host','')

	lines = sys.stdin.readlines()
	html = ''.join( lines )

	def replaceUrls( inTxt, host ):
	r = re.compile('https?://[^\'"/\s%:#]+', re.MULTILINE\|re.IGNORECASE)
	m = r.findall( inTxt )
	return re.sub(r, '\g<0>.%s' % host, inTxt)

	print replaceUrls( html, PROXY )

	# inject custom javascript
	print '<script language="javascript">alert("injected!");</script>'

	sys.exit(1)
	<VirtualHost *:80>
	ServerAlias *.myproxy.com

	UseCanonicalName Off

	LogLevel debug
	ProxyHTMLLogVerbose Off
	ProxyHTMLExtended On
	ProxyHTMLMeta On
	ErrorLog /var/log/apache2/error-myproxy.log
	CustomLog /var/log/apache2/access-myproxy.log combined

	ProxyRequests Off
	ProxyPreserveHost Off

	RewriteEngine On

	RewriteCond %{HTTP_HOST} ^(.+)\.myproxy\.com
	RewriteRule ^(.*)$ http://%1$1 [P,E=target:%1,E=host:%{HTTP_HOST}]

	ProxyPassInterpolateEnv On

	ExtFilterDefine injector mode=output intype=text/html outtype=text/html;charset=utf-8 cmd="/usr/bin/python /root/scripts/injector.py" disableenv=BRIDGE

	<Location />
	Order deny,allow
	deny from all
	allow from W.X.Y.Z
	ProxyHTMLInterp On
	ProxyHTMLURLMap http://${target}/ / v
	BrowserMatch MSIE force-response-1.0
	RequestHeader unset Accept-Encoding
	SetOutputFilter proxy-html;injector
	RequestHeader set X-Forwarded-Host "%{target}e"
	</Location>

	<Proxy *>
	Order deny,allow
	Allow from all
	</Proxy>
	</VirtualHost>