33

Making a Proxy for Fun and Profit

  • Upload
    inaz2

  • View
    1.429

  • Download
    2

Embed Size (px)

DESCRIPTION

2013/12/07 Security Casual Talks (すみだセキュリティ勉強会その2)

Citation preview

Page 1: Making a Proxy for Fun and Profit
Page 2: Making a Proxy for Fun and Profit

2

http://inaz2.hatenablog.com/
Page 3: Making a Proxy for Fun and Profit

3

Page 4: Making a Proxy for Fun and Profit

4

Page 5: Making a Proxy for Fun and Profit

5

GET / HTTP/1.1Host: www.example.com

GET / HTTP/1.1Host: www.example.comVia: 1.1 proxy

200 OKContent-Length: 1024

200 OKContent-Length: 1024Via: 1.1 proxy

1 2

34

Page 6: Making a Proxy for Fun and Profit

6

Page 7: Making a Proxy for Fun and Profit

7

Page 8: Making a Proxy for Fun and Profit

8

Page 9: Making a Proxy for Fun and Profit

9

Page 10: Making a Proxy for Fun and Profit

10

Page 11: Making a Proxy for Fun and Profit

11

https://github.com/inaz2/SimpleHTTPProxy
Page 12: Making a Proxy for Fun and Profit

12

Page 13: Making a Proxy for Fun and Profit

13

Page 14: Making a Proxy for Fun and Profit

14

Page 15: Making a Proxy for Fun and Profit

15

Page 16: Making a Proxy for Fun and Profit

16

Page 17: Making a Proxy for Fun and Profit

17

Page 18: Making a Proxy for Fun and Profit

18

画像配信用に最低でも2台のReverse Proxy を使っている

Page 19: Making a Proxy for Fun and Profit

19

Page 20: Making a Proxy for Fun and Profit

20

iPhoneのふりをしてPCからiPhone用サイトに繋ぐ

Page 21: Making a Proxy for Fun and Profit

21

iframe要素をすべて消す

Page 22: Making a Proxy for Fun and Profit

22ブラウジング中に見た画像を全部保存

Page 23: Making a Proxy for Fun and Profit

23アクセス制限の条件を自由に記述できる

Page 24: Making a Proxy for Fun and Profit

24

Facebookログイン (HTTPS) 時に送信している情報を表示

Page 25: Making a Proxy for Fun and Profit

25

HTTPリクエスト HTTPSリクエスト

https://...http://...

1 2

34

Page 26: Making a Proxy for Fun and Profit

26

Page 27: Making a Proxy for Fun and Profit

27

1 2

34

ブラウザに認証局を登録=この人の署名を信用する

Page 28: Making a Proxy for Fun and Profit

28

Page 29: Making a Proxy for Fun and Profit

29

Page 30: Making a Proxy for Fun and Profit

30

Page 31: Making a Proxy for Fun and Profit

31

Page 32: Making a Proxy for Fun and Profit

32

http://mitmproxy.org/
http://www.thoughtcrime.org/software/sslstrip/
http://wiki.squid-cache.org/Features/SslBump
http://www.roe.ch/SSLsplit
http://media.blackhat.com/bh-eu-12/Jarmoc/bh-eu-12-Jarmoc-SSL_TLS_Interception-Slides.pdf
http://www.youtube.com/watch?v=aCkpOxBBnkY
http://defcon.org/images/defcon-17/dc-17-presentations/defcon-17-edward_zaborowski-doppelganger.pdf
Page 33: Making a Proxy for Fun and Profit

33


configuracion proxy

configuracion proxy

Documents
Proxy Ayuda

Proxy Ayuda

Documents
Servidor Proxy

Servidor Proxy

Documents
Practicas proxy

Practicas proxy

Education
Proxy Pattern

Proxy Pattern

Documents
Investigacion proxy

Investigacion proxy

Education
67645487 TALLER PROXY Configurando Proxy en Pfsense

67645487 TALLER PROXY Configurando Proxy en Pfsense

Documents
SQUID PROXY

SQUID PROXY

Documents
Configuración Proxy

Configuración Proxy

Documents
Proxy Mikrotik

Proxy Mikrotik

Documents
Membangun Proxy dan Transparant Proxy dengan SQUID ...ilmukomputer.org/wp-content/uploads//2008/10/arisnb-proxy-squid... · disertai cara untuk menjadikan proxy menjadi transparant

Membangun Proxy dan Transparant Proxy dengan SQUID ...ilmukomputer.org/wp-content/uploads//2008/10/arisnb-proxy-squid... · disertai cara untuk menjadikan proxy menjadi transparant

Documents
Lista Proxy

Lista Proxy

Documents
Proxy android

Proxy android

Education
Ibirimo/Summary/Sommaire page/urup - té Présidentiel portant classification des emplois de l‘Administration Publique15 B. Imiryango idaharanira inyungu/ Non profit making Associations

Ibirimo/Summary/Sommaire page/urup - té Présidentiel portant classification des emplois de l‘Administration Publique15 B. Imiryango idaharanira inyungu/ Non profit making Associations

Documents
Proxy Liste

Proxy Liste

Documents
Proxy Reverso

Proxy Reverso

Documents
การใช้งานReverse Proxy โดย Squid Proxy เบื้องต้น · server and the proxy server ... Allows transparent ... รายการ Software ที่ใช้ในการท

การใช้งานReverse Proxy โดย Squid Proxy เบื้องต้น · server and the proxy server ... Allows transparent ... รายการ Software ที่ใช้ในการท

Documents
Artikel Tentang Proxy Server Dan Proxy Website

Artikel Tentang Proxy Server Dan Proxy Website

Documents
- Tipos de «proxy». - Características. - Funcionamiento. - Instalación de servidores «proxy». - Instalación y configuración de clientes «proxy». - Configuración

- Tipos de «proxy». - Características. - Funcionamiento. - Instalación de servidores «proxy». - Instalación y configuración de clientes «proxy». - Configuración

Documents
Patrones Proxy

Patrones Proxy

Documents
proxy endian

proxy endian

Education
การใช้งานReverse Proxy โดย Squid Proxy เบื้องต้น · 2018-05-13 · Squid Proxy ... server and the proxy server evaluates the request as a

การใช้งานReverse Proxy โดย Squid Proxy เบื้องต้น · 2018-05-13 · Squid Proxy ... server and the proxy server evaluates the request as a

Documents
Proxy Ufam

Proxy Ufam

Documents
Tim Hieu Proxy Va Khai Trien Proxy Voi Isa

Tim Hieu Proxy Va Khai Trien Proxy Voi Isa

Documents
Practica Proxy

Practica Proxy

Documents
Making Change Making History

Making Change Making History

Documents
Proxy Server

Proxy Server

Documents
MySQL Proxy

MySQL Proxy

Technology
QUALITY ASSESSMENT OF FRAGRANCE MATERIALS · QUALITY ASSESSMENT OF FRAGRANCE MATERIALS . QUALITY OF FRAGRANCE MATERIALS ... adulterants for profit making

QUALITY ASSESSMENT OF FRAGRANCE MATERIALS · QUALITY ASSESSMENT OF FRAGRANCE MATERIALS . QUALITY OF FRAGRANCE MATERIALS ... adulterants for profit making

Documents
MANUAL DE ACESSO AO NOVO SITE DA BIBLIOTECA VIA PROXY › biblioteca › images › proxy › proxy-chrome.pdf · 2018-08-23 · SITE DA BIBLIOTECA VIA PROXY. Configurando o proxy

MANUAL DE ACESSO AO NOVO SITE DA BIBLIOTECA VIA PROXY › biblioteca › images › proxy › proxy-chrome.pdf · 2018-08-23 · SITE DA BIBLIOTECA VIA PROXY. Configurando o proxy

Documents