DWS/hadrian
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tweak dynamic url rewriting logic

Browse Source
This commit is contained in:
Kevin Pham
2023-12-01 18:45:07 -06:00
parent 47def5c610
commit 59a57f2dbd
3 changed files with 316 additions and 298 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
handlers/proxy.go
View File

@@ -33,7 +33,7 @@ func NewProxySiteHandler(opts *ProxyOptions) fiber.Handler {
SetRequestModifications( SetRequestModifications(
// rx.SpoofJA3fingerprint(ja3, "Googlebot"), // rx.SpoofJA3fingerprint(ja3, "Googlebot"),
// rx.MasqueradeAsFacebookBot(), // rx.MasqueradeAsFacebookBot(),
//rx.MasqueradeAsGoogleBot(), rx.MasqueradeAsGoogleBot(),
rx.DeleteOutgoingCookies(), rx.DeleteOutgoingCookies(),
rx.ForwardRequestHeaders(), rx.ForwardRequestHeaders(),
//rx.SpoofReferrerFromGoogleSearch(), //rx.SpoofReferrerFromGoogleSearch(),
@@ -42,6 +42,7 @@ func NewProxySiteHandler(opts *ProxyOptions) fiber.Handler {
// rx.RequestArchiveIs(), // rx.RequestArchiveIs(),
). ).
AddResponseModifications( AddResponseModifications(
tx.InjectScriptBeforeDOMContentLoaded(`(() => {let d = document.createElement("div"); d.id = "adb-check"; document.body.append(d) })()`),
tx.ForwardResponseHeaders(), tx.ForwardResponseHeaders(),
tx.BypassCORS(), tx.BypassCORS(),
tx.BypassContentSecurityPolicy(), tx.BypassContentSecurityPolicy(),

18
proxychain/responsemodifers/patch_dynamic_resource_urls.js
View File

@@ -67,8 +67,11 @@
//console.log(`proxychain: origin: ${origin} // proxyOrigin: ${proxyOrigin} // original: ${oldUrl}`) //console.log(`proxychain: origin: ${origin} // proxyOrigin: ${proxyOrigin} // original: ${oldUrl}`)
//originDomain = origin.replace("https://", "");
let scheme = origin.split(":")[0];
if (url.startsWith("//")) { if (url.startsWith("//")) {
url = `/${origin}/${encodeURIComponent(url.substring(2))}`; url = `/${scheme}://${encodeURIComponent(url.substring(2))}`;
} else if (url.startsWith("/")) { } else if (url.startsWith("/")) {
url = `/${origin}/${encodeURIComponent(url.substring(1))}`; url = `/${origin}/${encodeURIComponent(url.substring(1))}`;
} else if ( } else if (
@@ -278,6 +281,19 @@
} }
}); });
// monkey-patching Element.setAttribute
const originalSetAttribute = Element.prototype.setAttribute;
Element.prototype.setAttribute = function (name, value) {
const isMatchingElement = elements.some((element) => {
return this.tagName.toLowerCase() === element.tag &&
name.toLowerCase() === element.attribute;
});
if (isMatchingElement) {
value = rewriteURL(value);
}
originalSetAttribute.call(this, name, value);
};
// sometimes, libraries will set the Element.innerHTML or Element.outerHTML directly with a string instead of setters. // sometimes, libraries will set the Element.innerHTML or Element.outerHTML directly with a string instead of setters.
// in this case, we intercept it, create a fake DOM, parse it and then rewrite all attributes that could // in this case, we intercept it, create a fake DOM, parse it and then rewrite all attributes that could
// contain a URL. Then we return the replacement innerHTML/outerHTML with redirected links. // contain a URL. Then we return the replacement innerHTML/outerHTML with redirected links.

1
proxychain/responsemodifers/patch_tracker_scripts.go
View File

@@ -66,6 +66,7 @@ func PatchTrackerScripts() proxychain.ResponseModification {
// preflight checks // preflight checks
reqURL := chain.Request.URL.String() reqURL := chain.Request.URL.String()
isTracker := false isTracker := false
//
var surrogateScript io.ReadCloser var surrogateScript io.ReadCloser
for domain, domainRules := range rules { for domain, domainRules := range rules {