Modify request from Open VPN server

蹲街弑〆低调 提交于 2021-01-07 00:02:26

问题


I'm doing a POC on a product where I need to set up a VPN server and manipulate the request (basically the URL parameters, not the headers/form data). I'll share my findings in this post and the blockers too. Need some advice on the blockers.

My setup:-

oVPN client -> oVPN server -> Squid Proxy -> Internet
                                  |
                               Logstash
                                  |
                                Kibana

Logstash parses the squid proxy logs (the browsed URLs) and dumps it to ES which is then viewed on kibana.

Findings.

  1. When my client connects with the VPN server and browses the HTTP URLs (both from app and mobile browser), it shows up on the Kibana. I can manipulate the request too.
  2. When my client connects with the VPN server and browses the HTTPs URLs (from the mobile browser), it shows up on the Kibana. I can manipulate the request too. This is because the browser has a set of authorized public certificates which allows for a successful handshake.
  3. When my client connects with the VPN server and browses the HTTPs URLs (from the apps), it does not shows up on the Kibana. This is because of certificate pinning. The connection is dropped by the client upon not being able to verify the domain certificate. And as a result of which, I cannot manipulate the request.

Blockers

What I'm stuck at is pointer 3? I know ISPs and VPNs can track my browsing history, not just domains but the complete URL. I know theoretically, my HTTPs requests are encrypted, and hence only domain names are visible. There's something I'm missing that I'm not aware of. Want some opinion here on how this is possible?

Expecting some positive news.

来源:https://stackoverflow.com/questions/65122190/modify-request-from-open-vpn-server

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!