0
For testing purposes, I need to change the contents of a given URL, to see how an application would react to it. Is there any way to do this on Windows?
Ex.: Make Foo.exe get <html><body><p>Hello!</p></body></html> when requesting GET http://www.google.com.
Romário
Posted 2016-08-11T22:58:50.097
Reputation: 103
1
You can use Fiddler for this. It acts as a proxy between your computer and the Internet. One if its features called AutoResponder can be used to alter how specific requests are handled. It will even let you simulate delays.
EXACT: prefix, eg. EXACT:http://www.example.com/api/v2/lists. Select a file that you want to use as a response. The file should contain complete HTTP response, including headers.Of course for this to work, your app must respect system's proxy configuration. If it doesn't, but you can enter proxy settings manually, Fiddler will run on localhost:8888 by default - you can use that.
If you don't want to manually craft a valid HTTP response file, just create a file with whatever content you want, upload it to any server and open in your browser. It should appear in Fiddler. Right-click it, then click Save → Response → Entire response.
If the website you want to replace is using SSL/TLS (HTTPS connection), it's a bit more complicated. Fiddler can be set up to perform a man-in-the-middle attack on such connections (it will basically decrypt them using valid certificate, edit the response according to your instructions and re-encrypt using its own certificate that you have to add to Windows' trusted certificate store). This will, however, cause problems in programs that use certificate pinning: those will detect that the content is signed with unknown certificate and act accordingly. For example Chrome will call home to report if non-Google issued certificates are detected in Google domains.
gronostaj
Posted 2016-08-11T22:58:50.097
Reputation: 33 047
0
I managed to build Foo.exe, so this won't be necessary to me anymore, but, before giving up, I found a network debugging tool called Charles. One of the functionalities it offers is local DNS spoofing:
Charles contains a list of domain name to ip address mappings which you configure. When a request comes in for a listed domain name, the Spoof DNS plugin finds the spoof IP redirects the request to that address. The Host HTTP-header remains intact, so it is exactly as if your DNS server returned the spoofed IP.
It's a paid app, but it could be useful to anyone in a situation similar to mine.
Romário
Posted 2016-08-11T22:58:50.097
Reputation: 103
1Ah.... no. - DNS spoofing is pretty Impossible to do to a target through one application. The only way to achieve this would be to spoof your own router, which is hard and mostly unsupported, to allow you to redirect trafic from google.com to your own webserver. – f3rn0s – 2016-08-11T23:48:09.563
Could it be done using a proxy? It can be system-wide, too, I just wanted to be clear about my purpose of doing this. Googling "DNS spoofing" only brings me results related to internet security. – Romário – 2016-08-12T00:08:52.773