First, I pulled the old take-a-screenshot-of-the-desktop-and-set-it-as-the-background, but that just didn't seem good enough. (Plus she figured it out in about 15 seconds.) So I knew I had to break out the big guns. I remembered seeing a prank a while back ago about setting up a proxy server to mess with images on websites, and that seemed like the perfect weapon for this scenario.
I got the idea from here: http://www.ex-parrot.com/pete/upside-down-ternet.html
There are a couple of other pranks on there that are pretty cool. Anyway, the site gives the script nessecary to flip the images, but it dosen't give a novice squid user (not the tasty calamari type) intructions on how to apply it! Being a squid noob, I had to do a few more searches to familiarize myself with the process. I found this site: https://help.ubuntu.com/community/UpUbside-Down-TernetHowTo but it didn't give me a working system, so I figured I would write up a sure-fire way for this to work quickly.
For my project, I used a Ubuntu 9.10 server, mostly because I already had a virtual machine installed with almost nothing on it. Also, adding software tends to be quick and easy on ubuntu. Any linux distro will work, but the steps for adding and configuring software will vary. Windows will work as well, but I don't have a windows machine I want to fool around with (i.e. break).
I should mention that I am not using a transparent proxy since I'm assuming you have access to your victim's computer, meaning that the proxy must be set in the web browser. Also, it's probably a good idea to disable the firewall on the server computer. With Ubuntu server, the command is "service ufw stop"
Ok, so once Ubuntu is up and running, bust open the terminal and type:
sudo apt-get install squid
While we are installing things, might as well make sure Apache 2 and imagemagick are installed:
sudo apt-get install apache2 imagemagick
Make sure apache is working by opening Firefox and going to http://localhost and you should get a "It Works!" page. Run "/etc/init.d/apache2 start" if it doesn't work.
Now that we have all the software installed and apache is running, we need to configure squid. The squid configuration file is in /etc/squid/squid.conf. Open that up with root access:
sudo gedit /etc/squid/squid.conf
The squid conf file is HUGE! It's a really powerful program, and we are just going to scratch the surface. Search for "TAG: acl" and scroll down to the uncommented lines. You need to add in something like:
acl two_ten src 192.168.210.0/24
My network uses 210.0, you need to adjust to whatever fits your requirements. http://www.subnet-calculator.com/ is a nice site to figure out what network options to use.
Once the acl line has been added scroll down to the "TAG: http_access" section and add:
http_access allow twoten_network
Save the file, but don't close it yet and restart squid:
sudo /etc/init.d/squid restart
Hopefully an "[OK]" shows up. Open up Firefox and the proxy needs to be configured.
Edit->Preferences->Advanced->Network tab->Settings
3128 is the default port for squid. After applying the settings, try to browse to a website. If the site comes up normally, hooray! Almost done!
So now that squid is working normally, it's time to setup the image flipping trickery. First, apache needs a directory to store the images in with the correct permissions:
sudo mkdir /var/www/images
sudo chown www-data:www-data /var/www/images
sudo chmod 755 /var/www/images
Now add Apache to the proxy group:
sudo usermod -aG proxy www-data
Restart Apache:
sudo /etc/init.d/apache2 restart
Time to use the script provided at http://www.ex-parrot.com/pete/upside-down-ternet.html. Fire up gedit and paste the following:
Edit: just noticed that the sides of the below code are not viewable, however you can copy and paste them into a word processor.
#!/usr/bin/perl $|=1; $count = 0; $pid = $$; while (<>) { chomp $_; if ($_ =~ /(.*\.jpg)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg"); print "http://127.0.0.1/images/$pid-$count.jpg\n"; } elsif ($_ =~ /(.*\.gif)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif"); print "http://127.0.0.1/images/$pid-$count.gif\n"; } else { print "$_\n";; } $count++; }
If you compare this script to the one on the original page you'll notice I changed the path to the image directory on the lines that start with "system." The script will work with no editing if you used the quoted commands above to create the images directory.
Save the script as flip.pl in /usr/local/bin. Add permissions:
sudo chmod 755 /usr/local/bin/flip.pl
Add the following to squid.conf
url_rewrite_program /usr/local/bin/flip.pl
Now save and close squid.conf
Change the permissions on the script:
sudo chmod 755 /usr/local/bin/flip.pl
Restart squid and apache:
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/squid restart
Done! Open up a webpage and you should see something like this:
Since this walkthrough is not using transparent mode, now the victim's computer must be configured. The proxy is configured the same way, but in windows the path may be a little different. For example using Firefox 3.6 in Windows XP, the path is:
Tools->Options->Advanced->Network>Settings
Now all you have to do is be close by to see your victim's reaction!
Let me know if any of the above doesn't work or if you have any other awesome tricks. Also, I'm probably going to write up some instructions on how to do this in transparent mode for confusion on a larger scale.
As always, feedback is welcome.
No comments:
Post a Comment