What's new

Closed Http injector

Status
Not open for further replies.

PHC-Rose Blink

Eternal Poster
Joined
Sep 17, 2015
Posts
957
Reaction
1,181
Points
420
mga sir/ma'am,nakita ko lang sana nakatulong sa inyo hihi.

Paturo na rin po sa mga marunong gumawa nito..

Thanks po sa tutulong.)



"HTTP INJECTOR" from Evozi team (evozi.com) . You can call it "HI" or "EHI"

How does it work?????

1. It modifies outgoing data requests
2. It sends a request via a desired/specified proxy

You can connect to ssh servers on vpn mode (just as Psiphon does). However, Iptables mode is available for rooted device. You can use HI with a third party vpn like Openvpn for Android, Finchvpn too.)

Features:

Payload: HTTP header data that will be injected

EXAMPLES
............

GET You do not have permission to view the full content of this post. Log in or register now. HTTP/1.1 200 OK\r\nHost: bug_host\r\nConnection: keep-Alive[crlf][crlf]


CONNECT [host_port]@bug_host [protocol]\r\nHEAD You do not have permission to view the full content of this post. Log in or register now. HTTP/1.1\r\nHost: bug_host\r\n\r\n


In the above payloads, \r\n = injection line just like in your simple server
bug_host = the host on which you get free access
GET and HEAD are the http request method
[netData] = CONNECT [host_port] [protocol]
[protocol] = HTTP/1.1 or HTTP/1.0
[crlf] = \r\n

HI supports [realData] too >>real information passed by the remote proxy app hardcoded CONNECT [host_port] [protocol][crlf][crlf]

Note: Payloads are not the same for different bug host. It depends on the Proxy. Although, it's hard to explain. However, you can always write working one if you understand http request / response anyway

Remote proxy : port >>>> Your ISP or a Squid proxy that allow access to your bug host

Payload generator >>> to generate payloads (although, this may not be suitable in most cases. you might need to modify it yourself so as to suit your need).

It has a built in SSH client similar to Bitvise on PC for connecting to ssh servers.

Host checker: To check if a bug host is alive

IP hunter: Use it to hunt for local IPS to get free access

IP Route : To exclude route for Openvpn (needs root though). Not neccessary though, since you can do that manually on ovpn files.

How to Use

1. This app listen to port 8989. Therefore, to use HI, you need to set ISP's APN then use "127.0.0.1" as the proxy server and "8989" as port on your access point name. You could also use No proxy, No port on the Access Point settings

2. For connecting to SSH servers, Write a working payload with a proxy that allows connection to your bug host, setup your ssh settings and Click start! Wait for it to connect.

HI uses configs just like Openvpn and other apps

3.If you'd love to use HI with an Openvpn servers, use Openvpn clients ( "Openvpn for Android" "FinchVPN" or "Openvpn client") .add the text below on a new line to your ovpn file.

http-proxy 127.0.0.1 8989
route "Remote proxy" 255.255.255.255 net_gateway


to connect to Proxy >>> 127.0.0.1:8989 and exclude route
 
Di ko parin mapagana ang finch vpn using this line http-proxy 127.0.0.1 8989
route "Remote proxy" 255.255.255.255 net_gateway.... Gumana lang ang finch vpn pag naka avail ka sa promo ng isp hmmmmmmm

Hinahanap ko ang line na idagdag sa finch vpn config para gumana... Sana may makatulong.... :)
 
Di ko pa napagana ang finch vpn hanggang ngayun... Seguro settings nalang sa http injector ang kulang... Di ako marunong gumawa ng sariling HI
 
Status
Not open for further replies.
Back
Top