Closed Http injector guide [open]

[h3110w0r1d]

HTTP Injector
Mobile proxy server with the ability to modify requests and access blocked websites behind firewall, etc.

Before we get started, let's understand the meaning
[Main] # | Word | Meaning

• Payload - HTTP header data payload that will be injected
• Remote Proxy - Remote HTTP proxy (ex: Squid proxy/APN proxy)
• Google DNS - Use Google DNS to bypass blocked websites and prevent your ISP from knowing what websites you're visiting.
• Start SSH - Start SSH connection upon starting injection.

[SSH/Setting]

• Connect Mode - There's two modes, iptables (root) which will require root and it only tunnel port 80 and 443 traffic.VPN Service mode is for Android 4.0+ and will tunnel all traffic to your server. (Please use root mode, if you are having issue with VPN Service mode)
• SSH - Secure Shell is a encrypted network protocol for initiating text-based shell sessions on remote machines in a secure way.
• SSH Host - SSH IP/hostname
• SSH Port - The port for your SSH server, normally will be port 22 (Normally public squid/http proxy will block port 22)
• Username - SSH username
• Password - SSH password

Payload Keyword

• Using the below keyword, the app will automatically replace with relavent data upon injection, you don't need to replace the word inside the square bracket unless you know what you are doing.

Assume that 188.100.100.123 is your SSH Server IP and 22 is your SSH port

Keyword | Auto Replaced | Meaning

• [host] - 188.100.100.123 = Destination host
• [port] - 22 Destination = port
• [host_port] - 188.100.100.123:22 = Destination host and port, seperated by colon :
• [ssh] - 188.100.100.123:22 = SSH server ip and port that you set at settings
• [protocol] - HTTP\1.0 or HTTP\1.1 = HTTP protocol version
• [netData] - CONNECT [host_port] [protocol] = Short form of three keywords
• [cr] - \r = Carriage Return, U+000D
• [lf] - \n = Line Feed, U+000A
• [crlf] - \r\n = CR (U+000D) followed by LF (U+000A)
• [lfcr] - \n\r = LF (U+000A) followed by CR (U+000D)
• [crlf][crlf] - \r\n\r\n = To indicate the end of HTTP header

Inject Method

Notice: In this example we are using "CONNECT" & "HEAD" request method and domain.com as the host you want to spoof, you might need to use GET/POST/DELETE/CONNECT/HEAD...
Make sure your remote HTTP proxy allow the request method else you will get 403 error.

Method | Payload

• Normal - CONNECT [host_port] [protocol][crlf]Host: domain.com[crlf][crlf]
• Front Inject - GET You do not have permission to view the full content of this post. Log in or register now. HTTP/1.1[crlf]Host: domain.com[crlf][crlf]CONNECT [host_port] [protocol][crlf][crlf]
• Back Inject - CONNECT [host_port] HTTP/1.1[crlf][crlf]GET You do not have permission to view the full content of this post. Log in or register now. [protocol][crlf]Host: domain.com[crlf][crlf]
• Front Query - CONNECT domain.com@[host_port][crlf]GET You do not have permission to view the full content of this post. Log in or register now. [protocol][crlf]Host: domain.com[crlf][crlf]
• Back Query - CONNECT [host_port]@domain.com[crlf]GET You do not have permission to view the full content of this post. Log in or register now. [protocol][crlf]Host: domain.com[crlf][crlf]

ʟᴀᴛᴇsᴛ ᴛʜʀᴇᴀᴅ:
ᴡɪɴᴅᴏᴡs ᴏs ᴀᴄᴛɪᴠᴀᴛᴏʀ - ʜᴛᴛᴘs://ᴡᴡᴡ.ᴘʜᴄᴏʀɴᴇʀ.ɴᴇᴛ/ᴛʜʀᴇᴀᴅs/600637/
ᴅᴜ ᴍᴏɴɪᴛᴏʀɪɴɢ ᴛᴏᴏʟ - ʜᴛᴛᴘs://ᴡᴡᴡ.ᴘʜᴄᴏʀɴᴇʀ.ɴᴇᴛ/ᴛʜʀᴇᴀᴅs/600477/

ᴛʜʀᴇᴀᴅ ʟɪsᴛ:
ᴍʏ ᴛʜʀᴇᴀᴅ - ʜᴛᴛᴘs://ᴡᴡᴡ.ᴘʜᴄᴏʀɴᴇʀ.ɴᴇᴛ/sᴇᴀʀᴄʜ/17959817/

 

[PHC_ELGRINGO]

Thank for sharing ts

 

[balfonheim]

Yun! Thank you

 

[Clintkate20]

salamat po

 

[mamadoo]

tnx man

 

[ehorizon09]

Wow nice information TS thanks

 

[pets_24]

Thanks keep sharing

 

[Alone_Underwater]

Thanks po sa info ts

 

[bjtecz]

Salamat po...

 

[elpogi_]

Copy paste pa.

 

[chrizann11]

Thanks for sharing

 

[Fraudulent]

kita ko na to online eh
You do not have permission to view the full content of this post. Log in or register now.