Skip to content

Al-Azif/exploit-host-http

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Exploit Host HTTP

Purpose made HTTP Docker file setup for hosting exploits for the web browser for Sony PlayStation devices and the Nintendo Wii/WiiU/Switch. This essentially has to be used with the Exploit Host DNS component. It's possible to use it "standalone", but will require something to make the browser send the correct Host header with it's HTTP(S) requests.

Features

When used in conjunction with Exploit Host DNS following features are available:

  • Enables internet speed tests
  • Enables serving custom system updates
  • Hijacks system update feature pages
  • Hijacks default browser landing pages (Connection Tests, User's Manuals, and Browser Homepages)
    • Redirect is cached (It is not cached on PS5 as it becomes permanent)
    • Prepackaged with the latest Exploit Host website
    • Can redirect to an external page, to a self hosted site, or to the included Exploit Host website

Usage

This is setup to work right out of the box with Exploit Host DNS. There are a lot of options for your individual hosting wants/needs; however, I'll only show the basic usage here.

Command Line

This command will always pull the latest image from Docker Hub, run on the main Docker bridge network, and it will restart if it's not running until you explicitly tell it to stop.

docker run -d --network bridge -p 80:80/tcp -p 443:443/tcp --restart unless-stopped --pull always alazif/exploit-host-http:latest

Composer

This composer file will do the same as the command above.

---
version: "3.8"

services:
  exploit-host-http:
    image: alazif/exploit-host-http:latest
    network_mode: bridge
    ports:
      - 80:80/tcp
      - 443:443/udp
    pull_policy: always
    restart: unless-stopped

Start the compose file by calling docker compose up -d from the same location as the composer file.

Options (Environment Variables)

Option Default Type Info
DEBUG false boolean Show debug output for entrypoint.sh in the Docker log.
REDIRECT_TYPE http string The protocol that is used for the hijacked landing page redirect. Valid values are http and https.
ROOT_DOMAIN the.gate string The root domain that is used for hijacked landing page redirect. This is ONLY the domain itself.
ROOT_DOMAIN_PATH none string Additional path to append to root domain for redirect. If needed you can add an alternative port here as well.
HIJACK_URL none string Rather than hosting the hijacked landing page just redirect the request to another domain hosted elsewhere. If this is set, ROOT_DOMAIN and ROOT_DOMAIN_PATH are ignored.
NGINX_ACCESS_LOG false boolean Enables the NGINX access log, located at /var/log/nginx/access.log
NGINX_ERROR_LOG false boolean Enables the NGINX error log, located at /var/log/nginx/error.log
NGINX_ERROR_LOG_LEVEL warn string The error log level for the NGINX error log. Valid values are debug, info, notice, warn, error, crit, alert, emerg. Ignored if NGINX_ERROR_LOG is false.
TLS self string Valid values are self, letsencrypt, and mount.
CF_IP_CORRECTION false boolean Automatically correct CloudFlare IP addresses to the real IP address for logging.
CF_STRICT false boolean
OCSP_STAPLING false boolean
SEVER_HASH_BUCKET_SIZE_OVERRIDE false boolean Overrides the server_names_hash_bucket_size option in NGINX to be 64. Some systems have 32 as the default and that is not enough for our usage.

TODO

  • Verify TLS options work as expected, I believe certbot for letsencrypt has changed.
  • Make healthcheck.sh
  • Verify CF_STRICT still works as expected and hasn't changed.