Anonymous Proxy with PHP

[r22pl]

i was wondering if any of you know how to make a browser-type script in php using frames, iframes, or includes that uses an anonymous proxy

something like BypassIt.com, i saw they use PHP

if not php, possibly cgi or something else?

i just want to know the script that can be put in, i can make the rest

 

[primacomputer]

Read the remote URL in from the query string. Get the remote URL into a variable If your using PHP you probably wget in the toolbox. That's what I usually use. (I've used the MS xmlhtml thing as well, and plain old sockets). This is where you set your agent, referrer, etc.

Then create a list of substitutions that need to be done. Regexs make this particularly painless. For example, you might want to replace “http://” with “http://yoursite/proxy.php?”, insert “/proxy.php?” into relative links, etc.

Now write out the variable. There's not much more to it than that.

 

[axilant]

<?php
$user = "xxxxxx";
$pass = "xxxxxxx";


// Tango with the user input
$luser = $_COOKIE['user'];
$lpass = $_COOKIE['pass'];

if(!$luser|!$lpass) {
    $luser = $_POST['user'];
    $lpass = $_POST['pass'];
    setcookie('user', $luser);
    setcookie('pass', $lpass);
    if(!$luser|!$pass) {
        echo "<form method='post'><input type='text' name='user'><br><input type='password' name='pass'><br><input type='submit' value='auth!'></form>";
        exit;
        }
    }

// Authenticate
if(($user != $luser)|($pass != $lpass)) {
    setcookie('user');
    setcookie('pass');
    die('wrong pass and shit');
    }

// Do we have an url?
if(!$_GET['url']) {
    echo "<form><input type='text' name='url' value='http://'><input type='submit' value='Gogo!'></form>";
    exit;
    }

// Do some initialization, fetching
$url = urldecode($_GET['url']);
$url_bits = parse_url($url);
// For rewriting
$host = $url_bits['host'];
$path = $url_bits['path'];
// Since some web browsers actually support spaces in urls, there are some
// websites that have them as well (edge forums :). Let's be graceful about
// those. no reason to comply with the rfcs, is there?
$url = str_replace(' ', '%20', $url);

// only http requests
if($url_bits['scheme'] != 'http')
    die("HTTP only. For now at least.");

// Get the web resource
if(($connection = @fopen($url, 'r')) === FALSE) {
    die("404 or similar. page can't be opened");
    }
$content = '';
while (!feof($connection))
    $content .= fread($connection, 8192);

// Get content-type from headers
foreach($http_response_header as $header)
    ereg('content-type: ([^;]*)', strtolower($header), $regs);
$ctype = $regs[1];

// If it should prove to be neccessary, do some content-type guessing with mime
// magic shit or file name.. doesnt look to important since most servers always
// specify content-type.

fclose($connection);

// Rewrite 'href=', 'src=', 'action='
if($ctype == 'text/html') {
    // This obviously isn't very elegant.. will be cutting the conent
    // and doing rewriting piece by piece
    $pose = 0;
    $pos = 0;
    $content_rewritten = '';
    // Find a new tag
    while(($pos = strpos($content, '<', $pose)) !== FALSE) {
        // Add everything between this and the last tag
        $content_rewritten .= substr($content, $pose, $pos - $pose);
        // Get content of this tag
        $pose = strpos($content, '>', $pos);
        $cont = substr($content, $pos, $pose - $pos);
        
        // Find possible urls and rewrite them
        $link = '';
        eregi('(((href)|(src)|(action)) ?= ?[\'"]?)([^\'" >]*)', $cont, $link);
        if($link[1])
            $cont = ereg_replace($link[1] . slashreg($link[6]), $link[1] . rewrite($link[6]), $cont);
            
        // Write the tag to the content
        $content_rewritten .= $cont;
        $pos = $pose;
        }
    // Write the end of content and make it actual
    $content_rewritten .= substr($content, $pose);
    $content = $content_rewritten;
    }

// Cough it out
echo $content;

// This rewrites the different urls
function rewrite($url) {
    global $host, $path;
    if(strtolower(substr($url, 0, 7)) == 'http://') {
        $url = urlencode($url);
        }
    else if(strtolower(substr($url, 0, 11)) == 'javascript:') {
        return $url;
        }
    else if(substr($url, 0, 1) == '/') {
        $url = urlencode('http://' . $host . $url);
        }
    else {
        $url = urlencode('http://' . $host . '/' . ereg_replace('/?(.*)/.*', '\\1/', $path) . $url);
        }
    
    return 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . '?url=' . $url;
    }

// Slashes some things that **** with ereg_replace
function slashreg($str) {
    return str_replace(array("\\","(",")","?"),array("\\\\","\\(","\\)","\\?"), $str);
    }

?>

uses the ip of the server, check the fopen function on how to connect to a proxy and get a website. This also rewrites urls.

 

[r22pl]

do you need to have the username and password in there in order for it to work?

and some websites ive tried came up as errors

 

[Ferman]

is it possible to modify this script to work for ftp:// https:// urls ? jmarshall s cgiproxy does it but i need a php one

 

[r22pl]

im looking for one with like frames or something

 

[axilant]

im looking for one with like frames or something

i dont think that would work without a downloaded program?

 

[r22pl]

oh ok, well i'll try the one you posted earlier tomorrow in school

 

[primacomputer]

If you have to frame it why not frame the original page that posts to the script? After the form is posted the results of the script will display inside the frame.

 

[r22pl]

ok thanks

 

[axilant]

why do you need something like this? If you can explain the use, i can help you a little bit more.

 

[stscac]

i think there is a php application called snoopy, try sf.net and look for it, i know i saw it :tu:

 

[axilant]

i think there is a php application called snoopy, try sf.net and look for it, i know i saw it :tu:

Well snoopy is mainly for connecting to a proxy and then pulling information :P such as whois

Well snoopy is mainly for connecting to a proxy and then pulling information :P such as whois

nope i was wrong forgive me,

http://sourceforge.net/projects/snoopy/

 

[r22pl]

in my internet class at school, i need to make something that you can browse with anonymous proxy. something similar to www.bypassit.com or www.proxify.com, but i dont need all those options. just an input box

 

[axilant]

so basicly your asking someone to do your homework?

 

[r22pl]

no its not homework, its for the teacher, she needs to use it and asked our class to see if we could get one, because all the other ones were blocked by our internet filter

 

[primacomputer]

Teach wants to surf porn on the job eh?

 

[r22pl]

haha i hope not

 

[redking]

no its not homework, its for the teacher, she needs to use it and asked our class to see if we could get one, because all the other ones were blocked by our internet filter

I think you're asking someone to do your homework. I'm sure a teacher for an "internet class" could find such a program herself.

 

[r22pl]

no, im not. and besides, i figured it out myself