通过 coova-captive-frame 现实广告注入

秦时*** · 发表于 2014-6-30 13:05

本帖最后由秦时老猫于 2014-6-30 13:17 编辑

coova-captive-frame 介绍 :http://www.coova.org/node/4656
packages： http://dev.coova.org/svn/coova-ap/packages/coova-captive-frame/

cd /home/openwrt/

./script/feeds install tinyproxy

make menuconfig

make package/feeds/packages/tinyproxy/compile V=99

cd package

svn http://dev.coova.org/svn/coova-ap/packages/coova-privoxy

cd ..

make menuconfig

make package/feeds/packages/tinyproxy/compile V=9

scp bin/ar71xx/packages/tinyproxy_*.ipk root@192.168.1.1/tmp

scp bin/ar71xx/packages/coova-privox*.ipk root@192.168.1.1/tmp

ssh root@192.168.1.1

cd /tmp/

opkg install *.ipk

cat>/etc/privoxy/custom.action<<EOF

for-privoxy-version=3.0.3

fragile = -block -filter -hide-referer -kill-popups

{ \

-add-header \

-block \

-crunch-outgoing-cookies \

-crunch-incoming-cookies \

-deanimate-gifs{last} \

-downgrade-http-version \

-fast-redirects \

+filter{captive-frame} \

-handle-as-image \

-hide-forwarded-for-headers \

+hide-from-header{block} \

-hide-referrer{forge} \

-hide-user-agent \

-kill-popups \

-limit-connect \

+prevent-compression \

-send-vanilla-wafer \

-send-wafer \

-session-cookies-only \

-set-image-blocker{pattern} \

}

/

{+handle-as-image -filter}

/.*\.(gif|jpe?g|png|bmp|ico)

{fragile}

www.coova.*

coova.*

$([ -n "$HS_UAMALLOW" ] && for h in $HS_UAMALLOW; do echo $h; done)

EOF

HS_CFRAME_JS="http://1.0.0.1/cframe-js"

HS_CFRAME_RD="http://1.0.0.1/cframe-rd"

cat>/etc/privoxy/custom.filter<<EOF

FILTER: captive-frame Captive Frame HotSpot

s|<head(.*)>|<head\$1><script type="text/javascript" src="$HS_CFRAME_JS"></script><noscript><meta http-equiv="refresh" content="0;$HS_CFRAME_URL?js=no"></noscript>|Uis

EOF

mkdir /etc/privoxy/templates >&- 2>&-

# lets use this interface ;)

F_C="<frame noresize=\"noresize\" src=\"$HS_CFRAME_URL?nasid='+esc('$HS_NASID')+'&nasmac='+esc('$HS_NASMAC')+'&ssid='+esc('$HS_SSID')+'&clientip=@client-ip-address@&url='+esc(window.location)+'\">"

F_T="<frame noresize=\"noresize\" src=\"$HS_CFRAME_RD?url='+esc(window.location)+'\">"

# F_T="<frame src=\"'+window.location+'\">"

SZ=$HS_CFRAME_SZ

case "${HS_CFRAME_POS:-top}" in

top) fmt="rows=\"$SZ,*\""; F1=$F_C; F2=$F_T ;;

bottom) fmt="rows=\"*,$SZ\""; F1=$F_T; F2=$F_C ;;

left) fmt="cols=\"$SZ,*\""; F1=$F_C; F2=$F_T ;;

right) fmt="cols=\"*,$SZ\""; F1=$F_T; F2=$F_C ;;

esac

mkdir /etc/privoxy/templates 2>&-

cat>/etc/privoxy/templates/cframe-js<<EOF

alert('http注入测试!')

EOF

cat>/etc/privoxy/templates/cframe-rd<<EOF

<html>

</html>

EOF

启动:

privoxy /etc/privoxy/config tinyproxy -c /etc/tinyproxy.conf

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8888

(720n 测试)

gho*** · 发表于 2014-6-30 14:29

这个做广告的好手段呀

tzxi*** · 发表于 2014-6-30 14:31

不明觉厉

秦时*** · 发表于 2014-6-30 22:07

ghostja 发表于 2014-6-30 14:29
这个做广告的好手段呀

就是 https 无效。

ruo*** · 发表于 2014-7-3 18:34

.SVN下载下来的编译不过. ...
/etc/privoxy/config 没有这文件

秦时*** · 发表于 2014-7-19 11:15

ruoknow 发表于 2014-7-3 18:34
.SVN下载下来的编译不过. ...
/etc/privoxy/config 没有这文件

错误信息是什么？

账号		自动登录	找回密码
密码			立即注册

通过 coova-captive-frame 现实广告注入

本帖子中包含更多资源

点评

点评