A set of tools for running a proxy.pac setup that will force advanced proxy settings or block unwanted network requests usable on anything that supports proxy.pac
Python PHP JavaScript
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
README
blackhole_server.py
proxy.pac
proxy.php

README

This is a set of tools to help create a privacy enhancing proxy for devices which support proxy.pac files. While this includes most web-browsers, it is specifically targeting mobile browsers, which do not support advanced add-on functionality.

This work was originally presented in slides 27-30 of http://www.slideshare.net/sensepost/a-brave-new-world-9962265

This is published under the GPL v3.
By Singe at Sensepost

INSTALLING
----------

You'll need to put the proxy.pac file on a webserver somewhere. If you want to use the dynamic version, you'll need PHP running on a webserver hosting proxy.php.

Currently, both are configured to use the default googlesharing proxy, and my blackhole proxy. I'd recommend changing those.

You can install this on an iOS device, for use over the mobile network by editing /Library/Preferences/SystemConfiguration/preferences.plist and adding the ProxyAutoConfigURLString as per below:

<dict>
	<key>HTTPEnable</key>
		<integer>0</integer>
	<key>HTTPProxyType</key>
		<integer>2</integer>
	<key>HTTPSEnable</key>
		<integer>0</integer>
	<key>ProxyAutoConfigEnable</key>
		<integer>1</integer>
	<key>ProxyAutoConfigURLString</key>
		<string>https://<host>/proxy.php</string>
</dict>

CONFIGURING
-----------

The included python file will run a black hole HTTP server to make WebKit respect "blocked" addresses. I'd recommend running your own. It's pretty safe, does very little, and drops privileges to reduce chances of exploitation doing anything.

Additionally, by default it uses proxy.googlesharing.net. You should also run your own GoogleSharing server, both so there will be more, and to reduce load on that proxy.

Once done, you'll need to edit the proxy.* files to make that change.

USE
---

proxy.php support the following options:
https://<whereever>/proxy.php?
	proxy=<>	-setsdefaultproxy
	&port=<>	-setsdefaultproxyport
	&socks		–makesitaSOCKSproxy