@revolunet
Last active January 8, 2017 06:17
Apache+Python proxy to inject arbitrary data into target webpages
#-*- encoding: UTF-8 -*-
import os
import sys
import re

# Suffix appended to every absolute URL host; the 'host' variable is set by
# the E=host:... flag on the RewriteRule in the Apache config
PROXY = '%s.myproxy.com' % os.environ.get('host', '')

# mod_ext_filter pipes the response body through stdin/stdout
html = sys.stdin.read()


def replaceUrls(inTxt, host):
    # match scheme + hostname only (stops at quote, slash, whitespace, %, : or #)
    r = re.compile(r'https?://[^\'"/\s%:#]+', re.MULTILINE | re.IGNORECASE)
    return r.sub(r'\g<0>.%s' % host, inTxt)


print(replaceUrls(html, PROXY))
# inject custom javascript
print('<script language="javascript">alert("injected!");</script>')
sys.exit(1)

<VirtualHost *:80>
    ServerAlias *.myproxy.com
    UseCanonicalName Off
    LogLevel debug
    ProxyHTMLLogVerbose Off
    ProxyHTMLExtended On
    ProxyHTMLMeta On
    ErrorLog /var/log/apache2/error-myproxy.log
    CustomLog /var/log/apache2/access-myproxy.log combined
    ProxyRequests Off
    ProxyPreserveHost Off
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^(.+)\.myproxy\.com
    RewriteRule ^(.*)$ http://%1$1 [P,E=target:%1,E=host:%{HTTP_HOST}]
    ProxyPassInterpolateEnv On
    ExtFilterDefine injector mode=output intype=text/html outtype=text/html;charset=utf-8 cmd="/usr/bin/python /root/scripts/injector.py" disableenv=BRIDGE
    <Location />
        Order deny,allow
        deny from all
        allow from W.X.Y.Z
        ProxyHTMLInterp On
        ProxyHTMLURLMap http://${target}/ / v
        BrowserMatch MSIE force-response-1.0
        RequestHeader unset Accept-Encoding
        SetOutputFilter proxy-html;injector
        RequestHeader set X-Forwarded-Host "%{target}e"
    </Location>
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
</VirtualHost>
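
A check from the defending side, added here as an example and not part of the gist: it compares a page fetched directly from the origin with the copy a client received, and reports inline scripts that were added and link hosts that gained the proxy suffix. The function names and both sample pages are constructed for illustration; `.myproxy.com` is the placeholder domain from the config above.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

PROXY_SUFFIX = ".myproxy.com"  # placeholder domain used in the gist's config

class _Collector(HTMLParser):
    """Collect inline script bodies and the hosts of absolute URLs."""
    def __init__(self):
        super().__init__()
        self.scripts, self.hosts = [], set()
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.scripts.append("")
        for name, value in attrs:
            if name in ("href", "src", "action") and value:
                host = urlsplit(value).hostname
                if host:
                    self.hosts.add(host)

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data

def collect(html):
    c = _Collector()
    c.feed(html)
    c.close()
    return c

def diff_pages(origin_html, served_html, suffix=PROXY_SUFFIX):
    """Return (added inline scripts, hosts rewritten to end in suffix)."""
    origin, served = collect(origin_html), collect(served_html)
    added = [s.strip() for s in served.scripts if s not in origin.scripts]
    rewritten = sorted(h for h in served.hosts - origin.hosts if h.endswith(suffix))
    return added, rewritten

# Constructed sample: an origin page, and a copy shaped like the filter's output
ORIGIN = '<html><body><a href="http://example.org/a">a</a><script>init();</script></body></html>'
SERVED = ('<html><body><a href="http://example.org.myproxy.com/a">a</a>'
          '<script>init();</script></body></html>\n'
          '<script language="javascript">alert("injected!");</script>\n')
```

`diff_pages(ORIGIN, SERVED)` reports the appended script and the rewritten host, while comparing the origin page with itself reports nothing.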