April Fools Pranks with a Squid Proxy Server

Haozhe Xie

April 1, 2016

9 min read

Introduction

Note: This guide was tested using Ubuntu Server 14.04.4 LTS.

This is a HowTo for setting up Upside-Down-Ternet on Ubuntu. Basically, when a user browses the web, all the images are flipped upside-down. While it’s not useful, it’s quite a good April Fool’s prank.

The process uses a transparent proxy, web server, and script to flip the images. Web traffic is routed to the proxy, instead of the default gateway, which is intercepted by the proxy which then downloads and modifies the images and then serves them back to the client browser.

In this guide the OpenWrt router stays the gateway, but because it’s too underpowered to process the images, it transparently forwards all HTTP traffic to a separate Ubuntu machine that runs Squid, Nginx, and the flip script.

Setting up the Proxy

The proxy used in this guide is Squid v3.3.8. The IP of this server is 192.168.113.253.

Installation

sudo apt-get install squid

Configuration

Edit the configuration file located in /etc/squid3/squid.conf.

# HTTP Proxy
# http_port 3128
http_port 3128 accel vhost allow-direct

acl lan src 192.168.113.0/24
http_access allow lan

# Cache
cache_mem 1000
cache_dir ufs /var/spool/squid3 1000 16 256

# Logs
access_log /var/log/squid3/access.log squid
cache_store_log /var/log/squid3/store.log
cache_log /var/log/squid3/cache.log

# Funny Program
redirect_program /etc/squid3/april-fool.pl
redirect_rewrites_host_header off
redirect_children 200

Note: In later Squid releases, redirect_program, redirect_children, and redirect_rewrites_host_header were renamed to url_rewrite_program, url_rewrite_children, and url_rewrite_host_header. Use those names if you’re on a newer version than 3.3.8.

Setting up the Web Server

In this section, Nginx will be installed on your computer. You can install Apache if you’d like to.

Installation

sudo apt-get install nginx

Configuration

Since Squid runs with the user proxy, Nginx should also run with the same user in order to serve the images. So we need to change the first line in the file located in /etc/nginx/nginx.conf.

user proxy;

As Nginx is going to provide modified images, a directory where those images are stored needs to be created. Create a directory where the images are to be stored and set the correct directory permissions:

sudo mkdir /usr/share/nginx/html/april-fool
sudo chown proxy:proxy /usr/share/nginx/html/april-fool
sudo chmod 775 /usr/share/nginx/html/april-fool

Restart Nginx after you complete the steps above.

Setting up the Image Script

Install libwww-perl and imagemagick with the following command:

sudo apt-get install libwww-perl imagemagick

Create and edit a file called ‘april-fool.pl’ in /etc/squid3. Paste the following:

#!/usr/bin/perl
########################################################################
# flipImages.pl        --- Squid Script (Flips images vertical)        #
# g0tmi1k 2011-03-25   --- Original Idea: http://www.ex-parrot.com/pete#
########################################################################
# Note ~ Requires ImageMagick                                          #
#    sudo apt-get -y install imagemagick                               #
########################################################################
use IO::Handle;
use LWP::Simple;
use POSIX strftime;

$debug = 0;                                       # Debug mode - create log file
$ourIP = "192.168.113.253";                       # Our IP address
$baseDir = "/usr/share/nginx/html/april-fool";    # Needs be writable by 'proxy'
$baseURL = "http://".$ourIP."/april-fool";        # Location on websever
$mogrify = "/usr/bin/mogrify";                    # Path to mogrify

$|=1;
$flip = 0;
$count = 0;
$pid = $$;

if ($debug == 1) { open (DEBUG, '>>/tmp/flipImages-debug.log'); }
autoflush DEBUG 1;

print DEBUG "########################################################################\n";
print DEBUG strftime ("%d%b%Y-%H:%M:%S\t Server: $baseURL/\n",localtime(time()));
print DEBUG "########################################################################\n";
while (<>) {
   chomp $_;
   if ($_ =~ /(.*\.(gif|png|bmp|tiff|ico|jpg|jpeg))/i) {                         # Image format(s)
      $url = $1;                                                                 # Get URL
      if ($debug == 1) { print DEBUG "Input: $url\n"; }                          # Let the user know

      $ext = ($url =~ m/([^.]+)$/)[0];                                           # Get the file extension
      $file = "$baseDir/$pid-$count.$ext";                                       # Set filename + path (Local)
      $filename = "$pid-$count.$ext";                                            # Set filename        (Remote)

      getstore($url,$file);                                                      # Save image
      system("chmod", "a+r", "$file");                                           # Allow access to the file
      if ($debug == 1) { print DEBUG "Fetched image: $file\n"; }                 # Let the user know

      $flip = 1;                                                                 # We need to do something with the image
   } else {                                                                      # Everything not a image
      print "$_\n";                                                              # Just let it go
      if ($debug == 1) { print DEBUG "Pass: $_\n"; }                             # Let the user know
   }

   if ($flip == 1) {                                                             # Do we need to do something?
      system("$mogrify", "-flip", "$file");
      system("chmod", "a+r", "$file");
      if ($debug == 1) { print DEBUG "Flipped: $file\n"; }

      print "$baseURL/$filename\n";
      if ($debug == 1) { print DEBUG "Output: $baseURL/$filename, From: $url\n"; }
   }
   $flip = 0;
   $count++;
}

close (DEBUG);

Within the script, change 192.168.113.253 to your IP address.

Change the scripts file permissions:

sudo chmod 755 /etc/squid3/april-fool.pl

After editing this file, restart the Squid server with the following command:

sudo service squid3 restart

Setting up Routing on the Proxy Machine

The OpenWrt router is the clients’ gateway, but it’s too underpowered to download and flip the images itself, so it forwards all HTTP traffic to this Ubuntu machine. Run the following commands on the Ubuntu machine so it forwards that traffic and hands it to Squid:

#delete all rules
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -X

# Enable routing.
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

# Masquerade.
sudo iptables -t nat -A POSTROUTING -j MASQUERADE

# Transparent proxying
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128

Setting up Routing on the OpenWrt Router

The router is the gateway for the 192.168.1.0/24 LAN, reachable at 192.168.1.1. Because it isn’t powerful enough to flip the images itself, all we do here is redirect the clients’ HTTP traffic to the Squid server at 192.168.113.253. So we need to set up iptables on the router.

The router is running OpenWrt Chaos Calmer 15.05.1.

First, log in to the router with the SSH command:

ssh root@192.168.1.1

Then, set up traffic redirection:

sysctl -w net.ipv4.ip_forward=1

After that, add the following rules to /etc/firewall.user:

iptables -t nat -A PREROUTING -i br-lan -p tcp --src 192.168.1.0/24 --dport 80 -j DNAT --to 192.168.113.253:3128

Finally, restart the firewall on the router:

/etc/init.d/firewall restart

That’s it, you’re done, enjoy. Here’s the screenshot XD.

Cleaning Up

You will end up with a lot of images in your /usr/share/nginx/html/april-fool directory. Simply add this to your /etc/crontab file:

*/10 * * * * proxy rm /usr/share/nginx/html/april-fool/*

This will clear the /usr/share/nginx/html/april-fool/ directory every 10 minutes.

Reference

The Disqus comment system is loading ...
If the message does not appear, please check your Disqus configuration.