Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

pHproxy, edited version for more obfuscation

from [Anton Chekhov] Network Security [Permanent Link]
Subject: pHproxy, edited version for more obfuscation
Date: Sun, 26 Feb 2006 02:29:58 -0500 
Hie, I was playing around looking at different proxies.
All of the ones I found did not encrypt/use obfuscation (not sure if
this is the rite word :-) on the website address when it was first
submitted to the proxy. pHproxy
(http://ice.citizenlab.org/projects/phproxy/) did xor the text/html
before it sent it to the client, and then let them decode it with
javascript with their browser. Because it did not obfuscate the
url/address when it was posted to the proxy it could still be seen and
easily be picked up by someone &/or software listening in. So, anyways
I copied some code into their source, and now the address is
"encrypted" w/ base64 3 times before it is sent to the server. The
three times was just an obscure number, and even thow someone could
build a list of keywords that where the base64 of different sites
addresses, I thought it would take alot more time (especially if you
change it from 3 times to something like 1000, or use some other
algorithim) to try and keep up with watching someone. Also, For
someone looking to really make it so that someone looking in could not
just search for keywords to redflag someones internet connection, you
need to go through the source code and change alot of the text. For
example:
pHproxy

Start browsing through this php-based proxy by entering a URL below.

, Would be easy to search for. So, all the text like the above needs
to be changed, aswell as the text used in the javascript for both the
xor, and base64.

I posted this because not using obfuscation on the address before it
is sent to the server makes the proxy semi useless in the long run in
some countries, unless you use https, which is not something all of us
can afford &/or want to do.

You can find my edited version of the code at:
http://rossk.org/ideas/obfuscation.php
and a demo at:
http://rossk.org/php/html/test/phproxy2.php

Sorry for the rant, didn't really know the proper format for posting
on the mailing list.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • pHproxy, edited version for more obfuscation, Anton Chekhov <=
Previous by Date:  Re: Down with DHCP!!!!, Gunnar Wolf
Next by Date:  Re: Re: Re: RE: Down with DHCP!!!!, me
Previous by Thread:  AD Aware Firewall/Proxy device, Steveb
Next by Thread:  Proximity of DR Sites & U.S. City Hazards, lists@infostruct.net
Indexes:  [Date] [Thread] [Top] [All Lists]