Haka is an open source security oriented language which allows to apply security policies on (live) captured traffic. The important here, is that with Haka you can easily alter live traffic.

The first thing to come in mind here is lolcat.

lolcat

Obviously, we have already played with lol cat at Haka and we have even made a blog post about it.

Among the important list of all the funny things you can do by altering some http traffic, the one I have choosen to use is to blur entire web pages.

Setting up Haka

In order to easily alter http traffic we need to use the upcomming version of Haka. As there is currently no official build we just have to checkout the develop version of it.

git clone https://github.com/haka-security/haka.git
cd haka
git checkout develop

Ensure that you have all the required dependencies: README.md

Then you can create a workspace and build Haka.

mkdir workspace/
cd workspace/
cmake $PATH_TO_HAKA/
make localinstall

Now you should have an compiled version of Haka in your workspace.

Blurring the web

The fastest way to blur a web page is to use css to add shadow on all text.

* {
	color: transparent !important;
	text-shadow: 0 0 3px black !important;
}

Altering http responses

So we want to add this css snippet on every html pages. To do so we have to trick server to make sure they will response with a clear text html page.

local http = require('protocol/http')

http.install_tcp_rule(80)

haka.rule {
	hook = http.events.request,
	eval = function (http, request)
		request.headers['Accept-Encoding'] = nil
		request.headers['Accept'] = '*/*'
	end
}

Then we can add our magic powder to http response.

local rem = require('regexp/pcre')

local pattern = '</head>'
local regexp = rem.re:compile(pattern, rem.re.CASE_INSENSITIVE)
local css = ' <style type="text/css" media="screen"> * { color: transparent !important; text-shadow: 0 0 3px black !important; } </style> '

haka.rule {
	hook = http.events.response,
	eval = function (http, response)
		http:enable_data_modification()
	end
}

haka.rule{
	hook = http.events.response_data,
	options = {
		streamed = true,
	},
	eval = function (flow, iter)
		local result = regexp:match(iter, true)
		if result then
			result:pos('begin'):insert(haka.vbuffer_from(css))
		end
	end
}

Bluuuuuur !

The full script is available at blurring-the-web.lua.

Just run it with your previously build haka. Don’t forget that you need to be root to do so.

source workspace/out/env.sh
haka -r blurring-the-web.lua --no-daemon

You should have a brand new internet now ! Go get your glasses !

blurred-haka

Paul Fariello.

Blurring the web with Haka

Setting up Haka

Blurring the web

Altering http responses

Bluuuuuur !