eoftedal / malaria-proxy

Proof of concept code (which means poor code quality) for a proxy abusing unrestricted cross domain policies.

Home Page: http://erlend.oftedal.no/blog/?blogid=107

JavaScript 22.54% Java 39.42% C# 38.04%

malaria-proxy's Introduction

This is a proof of concept, so the code quality is very poor
and it has some limitations (see below).
Any help in improving it is appreciated.

Brief overview
--------------
The backend is what the attacker's browser connects to on port 8080.
The Silverlight or Flex RIA connects to the backend on a separate
download port. This port is set when starting the backend, and it
must be 4502-4530 for Silverlight (for Flex it can be almost any port).
The backend forwards the URL to the Flex or Silverlight RIA, which
runs in the victim's browser. The RIA downloads the data on behalf of
the victim (using the victim's cookies etc.), and passes the data back
to the backend, which then sends it back to the attacker.

To be able to connect to a socket, the Flex or Silverlight RIA tries
to download a socket policy file on port 843 or 943, respectively.
So the backend listens on these ports and supplies the files as needed.
If the Flex RIA is not able to connect to 843, it will try to download
the socket policy through the download port mentioned above.
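
The RIA can only read responses from a site whose HTTP cross-domain policy (crossdomain.xml for Flex, clientaccesspolicy.xml for Silverlight) grants access to any origin, so a site owner can audit their own policy files for such grants. The following is an added example, not part of the malaria-proxy code; the function names and the sample policies are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policies (not taken from any real site).
FLASH_OPEN = """<cross-domain-policy>
  <allow-access-from domain="*"/>
</cross-domain-policy>"""
FLASH_SCOPED = """<cross-domain-policy>
  <allow-access-from domain="static.example.com"/>
</cross-domain-policy>"""
SILVERLIGHT_OPEN = """<access-policy><cross-domain-access><policy>
  <allow-from http-request-headers="*"><domain uri="http://*"/></allow-from>
  <grant-to><resource path="/" include-subpaths="true"/></grant-to>
</policy></cross-domain-access></access-policy>"""

def is_any_origin(value):
    """True for '*' and for scheme-only wildcards such as 'http://*'."""
    v = (value or "").strip().lower()
    for scheme in ("http://", "https://"):
        if v.startswith(scheme):
            v = v[len(scheme):]
    return v == "*"

def audit_policy(xml_text):
    """Return (format, element, value) for each grant open to every origin."""
    # Policy files have no need for entities; refuse them before parsing.
    if "<!ENTITY" in xml_text.upper():
        raise ValueError("entity declarations are not accepted")
    root = ET.fromstring(xml_text)
    if root.tag == "cross-domain-policy":      # Flex: crossdomain.xml
        checks = [("flash", "allow-access-from", "domain"),
                  ("flash", "allow-http-request-headers-from", "domain")]
    elif root.tag == "access-policy":          # Silverlight: clientaccesspolicy.xml
        checks = [("silverlight", "domain", "uri")]
    else:
        raise ValueError("not a cross-domain policy document: " + root.tag)
    findings = []
    for fmt, element, attr in checks:
        for node in root.iter(element):
            if is_any_origin(node.get(attr)):
                findings.append((fmt, element, node.get(attr)))
    return findings

if __name__ == "__main__":
    for name, doc in [("FLASH_OPEN", FLASH_OPEN), ("FLASH_SCOPED", FLASH_SCOPED),
                      ("SILVERLIGHT_OPEN", SILVERLIGHT_OPEN)]:
        print(name, audit_policy(doc) or "no unrestricted grant")
```

Subdomain wildcards such as `*.example.com` are not flagged here; they widen the trust boundary to every host under that domain and deserve a separate review.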

Current limitations
-------------------
- The proxy processes requests in FIFO order; it is not multithreaded

malaria-proxy's People

Contributors

eoftedal, koto


malaria-proxy's Issues

updates

Hey @eoftedal, I'm a writer for an infosec-ish website and I was hoping to demonstrate how hackers are able to proxy HTTP requests from a hooked or compromised browser in an upcoming article.

Your blog post, "I'm in your browser, surfin your webs", was very informative but it was published 8 years ago and it doesn't seem like there's been much development on MalaRIA-Proxy (unfortunately). Where can I learn more about proxying HTTP requests from a compromised browser? I was playing around with BeEF's Tunneling/proxying module, but as you probably know, cross-domain proxying isn't supported by BeEF. You seem to have an excellent understanding of this subject. I would be very interested in hearing your thoughts on this.

doesn't work

I've been trying it in a pentest. A quick fix would be nice :)

This is what I get when trying to browse:

java malaria.MalariaServer localhost 8081
Starting listener on port 8081 from hostname localhost
Starting http proxy on port 8080

Starting MalariaServer
Silverlight policy server starting in port 943 for serving policy for localhost and port 8081
Flex policy server starting in port 843 for serving policy for localhost and port 8081
Flex policy server>> Client connected

Flex policy server>> Policy established
0:0:0:0:0:0:0:1
Client connected
Read 5
<- Hello
Read 179
No match
Read 179
No match
Read 179
No match
