Update to Tor Hacking Utilities Package
I've posted a new version of my Tor hacking utilities. This is a collection of crude scripts that was written to make my life easier when working from an isolated Tor environment. Basically, I got tired of tying together socat pipelines and wrote these scripts to simplify some common tasks.
The 'socks-http.pl' script has been added. It is a command-line utility that can be used to make basic HTTP requests directly over the Tor SOCKS port. Normally, HTTP requests are going to be funnelled through an HTTP proxy such as Privoxy or Polipo. These proxies generally apply a certain set of checks to verify that the HTTP request is valid. But when you need to send invalid HTTP requests, these checks represent a serious problem. And that is where the 'socks-http.pl' script comes in handy.
The socks-http.pl script accepts command-line options that are extremely similar to wget:

    usage: ./socks-http.pl [options] URI
    make HTTP request via Tor
    options:
      -O, --output=<file>              Output (defaults to STDOUT)
      -OO, --output-overwrite=<file>   Output and overwrite
      --referer=<referer>
      -U, --user-agent=<UA>            User-agent
      --host=<host>
      --method=<method>                GET,HEAD,TRACE,etc.
      --debug                          print request
      --socksdebug                     enable SOCKS debugging
      --request=<file>                 read request from file
      -S, --server-response            print server response
      --post-data=<data>               send post data
      --post-file=<file>               send post data from file
      --header=<header>                Added HTTP header (can be repeated)
      --url-encode                     URL encode the request PATH
      --help                           Display this help
A normal request may appear as:

    ./socks-http.pl --post-data="user=' or 1=1--%0a" \
        --header="X-Forwarded-For: 127.0.0.1" \
        --header="Cookie: admin=1" \
        'http://example.com/admin/search.cgi'

Whereas a malformed request could be sent as:

    ./socks-http.pl --method='%s' --host='localhost.localdomain' \
        'http://example.com:80http://localhost.localdomain/'
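
Because a client speaking directly over SOCKS bypasses the validity checks an HTTP proxy would apply, the receiving server has to make those checks itself. The following is an added example, not part of the original post or the socks-http.pl package: a small validator for the request line and Host header. The function name, the method allowlist and both sample requests are constructed, and the second sample is only an assumed serialization of the malformed request shown above.

```python
import re
from urllib.parse import urlsplit

ALLOWED_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS"}
REQUEST_LINE = re.compile(rb"^(\S+) (\S+) HTTP/1\.[01]$")

def check_request(raw: bytes) -> list:
    """Return reasons to reject a raw HTTP/1.x request head (empty list = accept)."""
    lines = raw.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    m = REQUEST_LINE.match(lines[0])
    if not m:
        return ["unparseable request line"]
    method, target = (g.decode("latin-1") for g in m.groups())
    findings = []
    # "%s" is a legal RFC 7230 token, so use an allowlist, not the token grammar.
    if method not in ALLOWED_METHODS:
        findings.append("method not allowed")
    hosts = [l.split(b":", 1)[1].strip().decode("latin-1").lower()
             for l in lines[1:] if l.lower().startswith(b"host:")]
    if len(hosts) != 1:
        findings.append("expected exactly one Host header")
    if not target.startswith("/"):
        # Absolute-form target: the authority must parse and agree with Host.
        try:
            parts = urlsplit(target)
            parts.port  # raises ValueError for a non-numeric port such as "80http:"
            host_name = urlsplit("//" + hosts[0]).hostname if hosts else None
        except ValueError:
            findings.append("malformed authority")
        else:
            if parts.scheme not in ("http", "https") or not parts.hostname:
                findings.append("malformed authority")
            elif host_name is not None and parts.hostname != host_name:
                findings.append("target authority does not match Host")
    return findings

# Constructed samples; BAD is an assumed serialization of the malformed request above.
GOOD = b"POST /admin/search.cgi HTTP/1.1\r\nHost: example.com\r\nContent-Length: 0\r\n\r\n"
BAD = (b"%s http://example.com:80http://localhost.localdomain/ HTTP/1.1\r\n"
       b"Host: localhost.localdomain\r\n\r\n")

if __name__ == "__main__":
    for name, req in (("good", GOOD), ("bad", BAD)):
        print(name, check_request(req))
```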