Libraries for Proxomitron

... this is NOT an official site 

Proxomitron - viewing the web the way you want

Libraries for Proxomitron

There are two functions for which the Proxomitron relies on external DLL (dynamic link library) files. These are both optional, but are highly recommended. These files enable filtering of files transferred over secure HTTP (i.e. urls that start with HTTPS://) and those that have been encoded with the gzip compression.

SSL Encrypted Traffic

In order to provide security to web transactions, a method of encrypting the data transferred over the network connection has been established. The transfer is done with SSL encryption, and both the web browser and server cooperate in this encryption. However, if you wish to filter the data transferred this way, you need to have Proxomitron intercept the encrypted stream and understand it. To do this, Proxomitron decrypts the stream it gets (from either the browser or server), filters it, and then re-encrypts the data to pass the stream to the other end.

It is possible to filter SSL connections with Proxomitron. You will need SSLeay32.dll and libeay32.dll from Sidki's SSL page or elsewhere. Place these in the Proxomitron directory. You will also need a certificate. (See here to get one - look for "proxcert".) Then configure Proxomitron to use SSL. Note that you may need to set Proxomitron to "send only HTTP/1.0 requests" for SSL to work.

The current OpenSSL build can be found on Shining Light Productions' website.


It is possible to use this to do some interesting things. For example, if you have passwords stored in your browser to transparently connect to login sites on the web, these passwords can be trivially discovered through the log window, if display of "Posted data" is enabled, and Proxomitron is used to filter HTTPS: traffic. Beware! (Other methods might be used, this is just an easy way to do it.)
 

GZip Encoded Traffic

The gzip content-encoding technique is a method of transferring files in a compressed form over the HTTP connection. In order for the Proxomitron to be able to edit these files, it must be able to decode the gzip compression. To enable this, the zlib.dll file is included with the Proxomitron.

The version of zlib.dll included with Proxomitron is an older version (1.1.4). While it is safe (as far as is known), there are newer versions (1.2.x) that are faster. Some of these have been found to have security problems. If you have updated zlib.dll, you should check that you have the current version from ZLIB.DLL page. The version information can be found by right clicking on zlib.dll in the proxomitron directory, and selecting "Properties".

Return to the beginning ...