HTTP Injector

Mobile proxy server with the ability to modify requests and access blocked websites behind firewall, etc.


Before we get started, let's understand the meaning
# Word Meaning
[Main] Payload HTTP header data payload that will be injected
Remote Proxy Remote HTTP proxy (ex: Squid proxy/APN proxy)
Debug Mode Show your data that you send/received in app log (Please turn off during normal usage)
Battery Saver Disable Wakelock that prevent your CPU from sleeping
Google DNS Use Google DNS to bypass blocked websites and prevent your ISP from knowing what websites you're visiting.
Start SSH Start SSH connection upon starting injection.
[SSH/Setting] Connect Mode There's two modes, iptables (root) which will require root and it only tunnel port 80 and 443 traffic.
VPN Service mode is for Android 4.0+ and will tunnel all traffic to your server. (Please use root mode, if you are having issue with VPN Service mode)
SSH Secure Shell is a encrypted network protocol for initiating text-based shell sessions on remote machines in a secure way.
SSH Host SSH IP/hostname
SSH Port The port for your SSH server, normally will be port 22 (Normally public squid/http proxy will block port 22)
Username SSH username
Password SSH password
Data Compression Compress data packet using zlib.
Upstream Proxy HTTP Injector currently is using port 8989 (fixed), you have to enable and set for the SSH to connect to HTTP Injector local proxy server.

Payload Keyword

Using the below keyword, the app will automatically replace with relavent data upon injection, you don't need to replace the word inside the square bracket unless you know what you are doing.
Supported keyword: [host] [port] [host_port] [protocol] [netData] [cr] [lf] [crlf] [lfcr]
Keyword Auto Replaced Meaning
[host] Destination host
[port] 22 Destination port
[host_port] Destination host and port, seperated by colon :
[ssh] SSH server ip and port that you set at settings
[protocol] HTTP\1.0 or HTTP\1.1 HTTP protocol version
[netData] CONNECT [host_port] [protocol] Short form of three keywords
[cr] \r Carriage Return, U+000D
[lf] \n Line Feed, U+000A
[crlf] \r\n CR (U+000D) followed by LF (U+000A)
[lfcr] \n\r LF (U+000A) followed by CR (U+000D)
[crlf][crlf] \r\n\r\n To indicate the end of HTTP header

Inject Method

Method Payload
Normal CONNECT [host_port] [protocol][crlf]Host:[crlf][crlf]
Front Inject GET HTTP/1.1[crlf]Host:[crlf][crlf]CONNECT [host_port] [protocol][crlf][crlf]
Back Inject CONNECT [host_port] HTTP/1.1[crlf][crlf]GET [protocol][crlf]Host:[crlf][crlf]
Front Query CONNECT[host_port][crlf]GET [protocol][crlf]Host:[crlf][crlf]
Back Query CONNECT [host_port][crlf]GET [protocol][crlf]Host:[crlf][crlf]