in reply to Site Blocker Work Around CGI help

You will get caught and the brown stuff will probably hit the fan. You have been warned. Anyway save yourself some effort and try one of the online anonymisers here You may well find one that is unblocked. Or you may like to use some of the GNU stuff that already does this like httpbridge. httpbridge is also 'good' because it uses https which is opaque to logging software ie all that is visible is the CONNECT mysite.com:443 pipe - what you do inside that pipe can't be seen.

Anyway if you don't find satisfaction anywhere above at least you will be able to see how they do it which is in essence this:

  1. Set up a socket server that listens on port 80 at mysite.com
  2. This socket server will accept requests in the form http://mysite.com/http://othersite.com
  3. When your server gets a request you will need to make a few modifications to it before passing it right along. Do that ;-) Make a socket to othersite.com and forward on the slightly modified request almost verbatim.
  4. When you get the data back pass it straight back to the client unless it is text/html. If it is text/html replace every LINK with http://mysite.com/http://othersite.com/LINK then pass it back. That way all the links pass back to you* except the ones that you will miss...

It is not actually very hard but you do need to understand HTTP headers pretty well. To get http://somesite.com/index.htm you connect a socket to somesite.com and ask for /index.htm. So you will need to modify a header that will look something like: 

[GET|POST] http://othersite.com/LINK HTTP1/1.1
Host: mysite.com
Content-Length: 1234
....

to one that looks like

[GET|POST] /LINK HTTP/1.1
Host: othersite.com
Content-Length: ACCURATE!

[download]

Once you have modified the header you just make your socket to othersite.com and pipe the request through. Note that hard coded links like http://google.com in a page you serve up will end up as: http://mysite.com/http://othersite.com/http://google.com. You need to be smart enough to deal with this sort of issue, which is one of the many you will come across. It is actually quite hard to get it to work really well due to the complexities of javascript and CSS and cookies. You know you are doing well when hotmail works which requires a man in the middle attack.....

BTW I am adding your URL to our blocklist :-)

cheers

tachyon

In Section Seekers of Perl Wisdom