[prev in list] [next in list] [prev in thread] [next in thread]
List: owasp-webscarab
Subject: Re: [Owasp-webscarab] WebScarab intercept on transparent ethernet
From: Rogan Dawes <lists () dawes ! za ! net>
Date: 2008-04-25 8:14:22
Message-ID: 481192DE.2060700 () dawes ! za ! net
[Download RAW message or body]
Jake Peavy wrote:
> Hi all,
>
> I'm hoping WebScarab can help me with a project I've been working on.
>
> I am trying to alter an HTTP response from a server to a target
> machine. I have no alter any configuration on either the target
> machine, nor the server. (the target is not a browser performing
> requests -- it's a non-proxy aware app which speaks HTTP)
>
> What I do have the ability to do is use a dual-homed machine to insert
> myself in the transmission path for these messages. I'm using brctl to
> create a transparent ethernet bridge between the two interfaces. I can
> also use iptables and QUEUE to pass the traffic from these endpoints
> into the userspace (I /was/ working on a libipq handler, but it's
> turning ugly...)
>
> So my question is - can I use WebScarab to hook (and alter) the
> conversation I'm interested in as it traverses my machine?
>
> TIA,
Yes, you should be able to, I think.
WebScarab supports a reverse-proxy mode, where you specify a "base
address" that is prepended to the path that is requested by the client.
i.e. In WebScarab's Full-featured interface (Tools->Use full featured
interface), go to Proxy->Listeners, and create a new listener on the
port that you will be redirecting the traffic to. Specify a base address
e.g. http://target.com/80, and start the listener.
How you get the server to connect to your configured reverse-proxy is up
to you now. If you can't modify the configuration on the server (typical
approach is to modify the hosts file to point to your WebScarab box),
then I suggest you read up on how to configure transparent proxying in
Squid, or similar, to see how the underlying iptables rules need to be
set up.
One potential problem that you may face is if the request is over SSL,
and the server (client) is checking the certificate presented by the
target server. Normally one would add the WebScarab cert to the client,
so that it can trust the cert, but that may not be possible in your
situation.
Good luck.
Rogan
_______________________________________________
Owasp-webscarab mailing list
Owasp-webscarab@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-webscarab
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic