Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Locally Redirect domain
Posted by: Royal2000H
Date: April 20, 2009 07:57AM

Basically, I'm trying to reverse engineer a program.

When you open the program, it consults the site.
for example: http://www.site1.com/authenticate.php
which outputs true or false
If it gets false - program closes. If it gets true - access granted.

Up until now, I've been using Burp to do this (which greatly slows everything down).

So I want to do something like this.
When the program opens http://www.site1.com/authenticate.php
my computer will actually open http://www.mysite.com/authenticate.php
(On my site, it'll always return true)

I thought about hosts file, but that goes to IP only, which would make it have to be
111.111.111.111/~mysite/authenticate.php
instead of 111.111.111.111/authenticate.php

Any ideas?

Thanks

Re: Locally Redirect domain
Posted by: thornmaker
Date: April 20, 2009 09:09AM

If it's slowing things down in Burp, then perhaps you are not automating it? Under Proxy -> Options you can automatically "match and replace" text in the Response Body to switch false to true.

Re: Locally Redirect domain
Posted by: thrill
Date: April 20, 2009 09:27AM

Edit your hosts file to look like this:

www.site1.com ip.address.to.yoursite.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: Locally Redirect domain
Posted by: Royal2000H
Date: April 20, 2009 02:24PM

thrill, I think you mean:
ip.address.to.mysite www.site1.com

The problem is mysite is on a shared server, so the IP address won't serve files.
Instead it's: ip.address.to.mysite/~mysite/ = mysite.com

So if I try doing that still:
site1.com/authenticate.php will go to ip.address.to.mysite/authenticate.php (nonexistent) instead of ip.address.to.mysite/~mysite/authenticate.php (which is also mysite.com/authenticate.php)


Also, Burp is no good long term, as it does slow everything down since it scans every packet (even if it's in auto mode), and it makes it (close to) impossible to browse on secure sites due to certificate and other secure/non-secure issues...



Edited 2 time(s). Last edit at 04/20/2009 02:34PM by Royal2000H.

Re: Locally Redirect domain
Posted by: wireghoul
Date: April 20, 2009 09:23PM

Royal2000H Wrote:
-------------------------------------------------------
> I thought about hosts file, but that goes to IP
> only, which would make it have to be
> 111.111.111.111/~mysite/authenticate.php
> instead of 111.111.111.111/authenticate.php

That is not how the hosts file works at all; it overrides DNS but does not magically alter the URL. Allow me to illustrate...

When an application, browser or otherwise, makes an HTTP request, it first needs to know where to connect to, so it looks up the IP of the server:
www.justanotherhacker.com -> 66.71.251.175
It then connects to 66.71.251.175 (on port 80 or 443 usually) and sends the http request:
GET / HTTP/1.1
Host: www.justanotherhacker.com

and gets its response. If you modify your hosts file, the only thing that changes is which IP it connects to; the HTTP request stays the same, so it doesn't go from www.justanotherhacker.com to 66.71.251.175/~justanotherhacker/

Your best solution here would be to write a basic HTTP handler in your favorite programming language, run it, and then add a hosts entry to have it redirect to 127.0.0.1. Now the handler running on 127.0.0.1:80 will receive traffic for the domain, i.e.:
GET / HTTP/1.1
Host: www.justanotherhacker.com

127.0.0.1 is the localhost interface; you are talking to the local machine, so you don't even need internet for this. You can then programmatically select the responses to feed from your "web server". You win!

Some pseudo code to help:
#!/usr/bin/poc
#Not really a web server FTW!
$socket=listen(80); #Make a socket listen on port 80
while ($socket_data) {
  #Look for the \n\n that terminates a http request
  if $socket_data contains "\n\n" {
    print "Content-Type: html/text\n"; #Use valid and correct headers here
    print "True\n\n";
  }
}
I hope this helps.

[www.justanotherhacker.com]



Edited 2 time(s). Last edit at 04/20/2009 09:29PM by wireghoul.
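
Added example (not part of wireghoul's post or the original thread): a Python sketch of the point made above, that a hosts entry only decides which IP the client connects to, while the request path and Host header stay the same. The names EchoHandler, request_via and demo and the loopback port are made up for the illustration; request_via stands in for a hosts entry by connecting to a chosen IP directly.

```python
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


class EchoHandler(BaseHTTPRequestHandler):
    """Local stand-in server: reports the path and Host header it received."""

    def do_GET(self):
        seen = {"path": self.path, "host": self.headers.get("Host")}
        body = json.dumps(seen).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo quiet


def request_via(ip, port, hostname, path):
    """Connect to ip:port (the part a hosts entry decides) but ask for hostname."""
    conn = http.client.HTTPConnection(ip, port, timeout=5)
    try:
        conn.request("GET", path, headers={"Host": hostname})
        return json.loads(conn.getresponse().read())
    finally:
        conn.close()


def demo():
    # Port 0 = any free loopback port (assumption for the demo; the thread uses 80).
    server = HTTPServer(("127.0.0.1", 0), EchoHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return request_via("127.0.0.1", server.server_address[1],
                           "www.site1.com", "/authenticate.php")
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```

The server sees the path /authenticate.php and Host: www.site1.com, with no /~mysite/ prefix added anywhere; a name-based shared host picks which site to serve from that same Host header.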

Re: Locally Redirect domain
Posted by: Royal2000H
Date: April 20, 2009 11:45PM

wireghoul... that's what I was saying

My post said that it DOESN'T do that - which is why hosts is NOT a solution.
Of course it doesn't magically alter the URL.

That's why I was looking for a solution that will alter the URL (or at least the response)...

Unfortunately, I only know web programming (PHP, javascript, etc) so I won't be able to write something to handle this without running a bloated web server.

Re: Locally Redirect domain
Posted by: wireghoul
Date: April 21, 2009 08:17PM

Well, PHP can handle sockets, and does not need a webserver to do a simple POC type script like I mentioned, and even then you can easily download and run a 300k web server lite application that serves web pages on your OS.
http://www.php.net/socket_bind FTW!

Most web-friendly programming languages usually offer a web-server-like script for local testing; I know Perl, Ruby and Python all do, not 100% on PHP. Google can probably help you with that tho.

[www.justanotherhacker.com]

Re: Locally Redirect domain
Posted by: thornmaker
Date: April 23, 2009 09:02PM

Just to be clear... you're turning intercept to off in Burp, right? I can't see how it could be significantly slowing things down otherwise. Also, SSL has never been an issue for me... just have to accept Burp's cert for any SSL site.

Re: Locally Redirect domain
Posted by: kuza55
Date: April 26, 2009 07:47AM

I usually find that making the domain resolve to something invalid usually works just as well as actually emulating what the program expects to get back (in most cases, you can't really sell an app that doesn't work when there's no internet).

----------------------------------------------------------
Don't forget our IRC: irc://irc.irchighway.net/#slackers
[kuza55.blogspot.com]
