Scribd
Upload
201 views

GitHub - Arno0x - BluecoatURLFilteringBypass - Bluecoat Proxies URL Filtering Bypass PoC PDF

This document describes a proof of concept (PoC) JavaScript script that can bypass URL filtering on Bluecoat proxy servers. The script acts as a local proxy, rewriting client requests to defeat filtering approximately 80% of the time without needing administrative privileges or connections outside the corporate network. It works by configuring the browser to use the script's proxy, which forwards requests to the real Bluecoat proxy after rewriting parts that would normally trigger filtering. The author provides the code on GitHub under a GPL license and warns that using it to bypass network policies could result in trouble.

Uploaded by

lofej57555
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
201 views

GitHub - Arno0x - BluecoatURLFilteringBypass - Bluecoat Proxies URL Filtering Bypass PoC PDF

This document describes a proof of concept (PoC) JavaScript script that can bypass URL filtering on Bluecoat proxy servers. The script acts as a local proxy, rewriting client requests to defeat filtering approximately 80% of the time without needing administrative privileges or connections outside the corporate network. It works by configuring the browser to use the script's proxy, which forwards requests to the real Bluecoat proxy after rewriting parts that would normally trigger filtering. The author provides the code on GitHub under a GPL license and warns that using it to bypass network policies could result in trouble.

Uploaded by

lofej57555
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

2018-11-25 GitHub - Arno0x/BluecoatURLFilteringBypass: Bluecoat proxies URL filtering bypass PoC

Arno0x / BluecoatURLFilteringBypass

Dismiss
Join GitHub today
GitHub is home to over 28 million developers working together to host
and review code, manage projects, and build software together.

Sign up

Bluecoat proxies URL filtering bypass PoC

2 commits 1 branch 0 releases 1 contributor

Branch: master New pull request Find file Clone or download

Arno0x Changed comment Latest commit ef0408d on 19 May 2015

BluecoatFilteringBypassProxy.js Changed comment 4 years ago

readme.md First commit 4 years ago

readme.md

Bluecoat Proxies URL filtering bypass, for NodeJS


Author: Arno0x0x - @Arno0x0x

BluecoatFilteringBypassProxy is a very basic PoC (let me restate to be clear: VERY basic) of a simple technique that can be used
to defeat (80% of the time) the URL filtering on a Bluecoat Proxy.

While this PoC has been successfully tested against a "Bluecoat ProxySG" appliance with WebFilter/WebPulse enabled, it may
also work on other URL filtering proxies.

It is noticeable that this technique doesn't involve using any third party server outside of the corportate network to perform
some sort of tunneling or any fancy stuff like that. It's all local to the client computer and doesn't require any admin rights. The
trick is all about rewriting client requests on the fly.

BluecoatFilteringBypassProxy is written in Javascript, based on NodeJS libraries and runtime. It does NOT require any
additionnal NodeJS module.

This script is distributed under the terms of the GPLv3 licence.

Disclaimer
1. As usual, this script is just a PoC to demonstrate how this kind of URL filtering works and give a better understanding of
the limits of such a filtering. I think it's good for network/system admins to see what it needs for their users to bypass, in
most case, their URL filtering.

2. The code is crap. I'm not a developper nor do I have time to write nice and reusable code. Feel free to fork. However, it's
pretty stable and I've been using it day long.

3. If you get caught by your company bypassing or even trying to bypass their URL filtering proxy, well... you might get into
trouble, who knows ?

Dependencies
BluecoatFilteringBypassProxy requires NodeJS to run it and that's pretty much it. The script is based only on NodeJS core
modules so no additionnal module is required.

Installation / Start it
https://github.com/Arno0x/BluecoatURLFilteringBypass?fbclid=IwAR07h7b1Rc6Z2bF_mboWBuLDO_8B9WWHmkLrOnNLBB9fVb-AZma8QgO3… 1/2
2018-11-25 GitHub - Arno0x/BluecoatURLFilteringBypass: Bluecoat proxies URL filtering bypass PoC

Copy the BluecoatFilteringBypassProxy.js in a directory. Edit it to configure main variables at the beginning of the script,
namely:

proxyPort : Integer - Sets the TCP port the proxy will be listening on
serviceProxy : String - Defines the Bluecoat upstream proxy name or IP
servicePort : Integer - Defines the Bluecoat upstream proxy TCP port

Then run the script via NodeJS binary:

# node BluecoatFilteringBypassProxy.js

Eventually configure your browser to point to this proxy listening on the port specified with the "proxyPort" variable

https://github.com/Arno0x/BluecoatURLFilteringBypass?fbclid=IwAR07h7b1Rc6Z2bF_mboWBuLDO_8B9WWHmkLrOnNLBB9fVb-AZma8QgO3… 2/2

You might also like