Ben's posterous

SwirlyProxy

So I had written up a nice long post about this, then my browser crashed & I lost it, so I'm going to skip the pleasentries and get right to the good stuff:

To do this to an unsuspecting user:

Swirlyproxy

Do this to your system:

  1. install node.js
  2. make sure you have curl and imagemagik
  3. save and run the code below (download)
  4. point your user's browser proxy at <your ip>:8080
  5. ?
  6. profit
var http = require('http'), fs = require('fs'), url = require('url'), exec = require('child_process').exec;

var imgActions = { /* these are some of the more fun mogrify actions that I found, feel free to add */
 maxblur: 'blur 100', blur: 'blur 50', minblur: 'blur 25',
 flip: 'flip', flop: 'flop', swirl: 'swirl 50'
}
var iAction = imgActions.swirl; /* I chose to swirl the pictures by default */
var exts = [ '\.jpg','\.gif','\.png','\.ico' ] /* these are all the image extensions */

http.createServer(function(req, res) {
 var isImage = false;
 var pUrl = url.parse(req.url,true);

 for (ext in exts) { /* determine if the file is an image */
  var regmatch = new RegExp(exts[ext],'i');
  isImage = (pUrl.path.match(regmatch)) ? true : isImage;
 }
 
 if (isImage) { /* if the file is an image */
  var fName = pUrl.pathname.replace(/.*\//,'');
  var curl = exec('curl -L '+req.url+' -o ./images/'+fName,function(err,stdout,stderr){ /* download it */
   var mogrify = exec('mogrify -'+iAction+' ./images/'+fName, function(err,stdout,stderr){ /* mogrify it */
    fs.readFile('./images/'+fName,function(err, data){
     if (err) { console.log(err); res.end(); } /* catch errors */
     else { response(res,data); } /* send the new picture to the user */
    });
   });
  });
 } else { /* everything not an image is written to the browser */
  var curl = exec('curl -L '+req.url, function(err,stdout,stderr){ /* sends stdout to the browser */
   response(res,stdout);
  });
 }
}).listen(8080);

function response(res,data) {
 res.writeHead(200);
 res.write(data);
 res.end();
}

*C-ing my A* : there are probably legal implications if you spoof/poison a network, don't do anything illegal.

The more detailed explanation is that when you run the node, it will set up an HTTP listener on port 8080, any requests that it gets, it converts into curl requests.  If it's requesting an image, it downloads the image to your machine, modifies it, and sends it on to the user.  If the file isn't a picture, it's sent on to the user.

This will NOT do HTTPS, so don't bother with it.
Posterous theme by Cory Watilo