Home page logo
/

basics logo Security Basics mailing list archives

pHproxy, edited version for more obfuscation
From: "Anton Chekhov" <knowthebird () gmail com>
Date: Sun, 26 Feb 2006 02:29:58 -0500

Hie, I was playing around looking at different proxies.
All of the ones I found did not encrypt/use obfuscation (not sure if
this is the rite word :-) on the website address when it was first
submitted to the proxy. pHproxy
(http://ice.citizenlab.org/projects/phproxy/) did xor the text/html
before it sent it to the client, and then let them decode it with
javascript with their browser. Because it did not obfuscate the
url/address when it was posted to the proxy it could still be seen and
easily be picked up by someone &/or software listening in. So, anyways
I copied some code into their source, and now the address is
"encrypted" w/ base64 3 times before it is sent to the server. The
three times was just an obscure number, and even thow someone could
build a list of keywords that where the base64 of different sites
addresses, I thought it would take alot more time (especially if you
change it from 3 times to something like 1000, or use some other
algorithim) to try and keep up with watching someone. Also, For
someone looking to really make it so that someone looking in could not
just search for keywords to redflag someones internet connection, you
need to go through the source code and change alot of the text. For
example:
pHproxy

Start browsing through this php-based proxy by entering a URL below.

, Would be easy to search for. So, all the text like the above needs
to be changed, aswell as the text used in the javascript for both the
xor, and base64.

I posted this because not using obfuscation on the address before it
is sent to the server makes the proxy semi useless in the long run in
some countries, unless you use https, which is not something all of us
can afford &/or want to do.

You can find my edited version of the code at:
http://rossk.org/ideas/obfuscation.php
and a demo at:
http://rossk.org/php/html/test/phproxy2.php

Sorry for the rant, didn't really know the proper format for posting
on the mailing list.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • pHproxy, edited version for more obfuscation Anton Chekhov (Feb 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]